Repository: Proteas/apple-cve Branch: master Commit: f915f89da5c1 Files: 34 Total size: 6.7 MB Directory structure: gitextract_69hxtqe0/ ├── .gitignore ├── 2011/ │ ├── 2011.json │ └── README.md ├── 2012/ │ ├── 2012.json │ └── README.md ├── 2013/ │ ├── 2013.json │ └── README.md ├── 2014/ │ ├── 2014.json │ └── README.md ├── 2015/ │ ├── 2015.json │ └── README.md ├── 2016/ │ ├── 2016.json │ └── README.md ├── 2017/ │ ├── 2017.json │ └── README.md ├── 2018/ │ ├── 2018.json │ └── README.md ├── 2019/ │ ├── 2019.json │ └── README.md ├── 2020/ │ ├── 2020.json │ └── README.md ├── 2021/ │ ├── 2021.json │ └── README.md ├── 2022/ │ ├── 2022.json │ └── README.md ├── 2023/ │ ├── 2023.json │ └── README.md ├── 2024/ │ ├── 2024.json │ └── README.md ├── 2025/ │ ├── 2025.json │ └── README.md ├── 2026/ │ ├── 2026.json │ └── README.md └── README.md ================================================ FILE CONTENTS ================================================ ================================================ FILE: .gitignore ================================================ # Xcode # # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore ## Build generated build/ DerivedData/ ## Various settings *.pbxuser !default.pbxuser *.mode1v3 !default.mode1v3 *.mode2v3 !default.mode2v3 *.perspectivev3 !default.perspectivev3 xcuserdata/ ## Other *.moved-aside *.xccheckout *.xcscmblueprint ## Obj-C/Swift specific *.hmap *.ipa *.dSYM.zip *.dSYM # CocoaPods # # We recommend against adding the Pods directory to your .gitignore. However # you should judge for yourself, the pros and cons are mentioned at: # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control # # Pods/ # Carthage # # Add this line if you want to avoid checking in source code from Carthage dependencies. # Carthage/Checkouts Carthage/Build # fastlane # # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the # screenshots whenever they are needed. # For more information about the recommended setup visit: # https://docs.fastlane.tools/best-practices/source-control/#source-control fastlane/report.xml fastlane/Preview.html fastlane/screenshots/**/*.png fastlane/test_output # Code Injection # # After new code Injection tools there's a generated folder /iOSInjectionProject # https://github.com/johnno1962/injectionforxcode iOSInjectionProject/ ================================================ FILE: 2011/2011.json ================================================ [ { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2006-7243", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Francisco Amato of Infobyte Security Research", "description": "iTunes periodically checks for software updates using an HTTP request to Apple. This request may cause iTunes to indicate that an update is available. If Apple Software Update for Windows is not installed, clicking the Download iTunes button may open the URL from the HTTP response in the user's default browser. This issue has been mitigated by using a secured connection when checking for available updates. For OS X systems, the user's default browser is not used because Apple Software Update is included with OS X, however this change adds additional defense-in-depth.", "id": "CVE-2008-3434", "impact": "A man-in-the-middle attacker may offer software that appears to originate from Apple", "links": [ "http://support.apple.com/en-us/HT5030" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.", "id": "CVE-2009-3245", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3.", "id": "CVE-2009-4022", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3.", "id": "CVE-2010-0097", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6.6", "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "An integer overflow issue existed in bzip2's handling of bzip2 compressed files. Using the command line bzip2 or bunzip2 tool to decompress a bzip2 file may result in an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-0405", "impact": "Using the command line bzip2 or bunzip2 tool to decompress a bzip2 file may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "bzip2", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.", "id": "CVE-2010-0740", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2010-1157", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "", "description": "libpng is updated to version 1.4.3 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. For Mac OS X v10.5 systems, this is addressed in Security Update 2010-007. Further information is available via the libpng website at", "id": "CVE-2010-1205", "impact": "Multiple vulnerabilities in libpng", "links": [ "http://support.apple.com/en-us/HT4554" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple cryptographic issues existed in MIT Kerberos 5. Only CVE-2010-1323 affects Mac OS X v10.5. Further information on the issues and the patches applied is available via the MIT Kerberos website at", "id": "CVE-2010-1323", "impact": "Multiple vulnerabilities in MIT Kerberos 5", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Kerberos", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple cryptographic issues existed in MIT Kerberos 5. Only CVE-2010-1323 affects Mac OS X v10.5. Further information on the issues and the patches applied is available via the MIT Kerberos website at", "id": "CVE-2010-1324", "impact": "Multiple vulnerabilities in MIT Kerberos 5", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Kerberos", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Takehiro Takahashi of IBM X-Force Research", "description": "The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems.", "id": "CVE-2010-1383", "impact": "Authenticating to a maliciously crafted website may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security", "description": "In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content.", "id": "CVE-2010-1420", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Apache is updated to version 2.2.17 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2010-1452", "impact": "Multiple vulnerabilities in Apache 2.2.15", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Multiple vulnerabilities existed in python, the most serious of which may lead to arbitrary code execution. This update addresses the issues by applying patches from the python project. Further information is available via the python site at", "id": "CVE-2010-1634", "impact": "Multiple vulnerabilities in python", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-1792", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2010-1823", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "kuzzcc, and wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-1824", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Apache is updated to version 2.2.17 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2010-2068", "impact": "Multiple vulnerabilities in Apache 2.2.15", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Multiple vulnerabilities existed in python, the most serious of which may lead to arbitrary code execution. This update addresses the issues by applying patches from the python project. Further information is available via the python site at", "id": "CVE-2010-2089", "impact": "Multiple vulnerabilities in python", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2010-2227", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "", "description": "libpng is updated to version 1.4.3 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. For Mac OS X v10.5 systems, this is addressed in Security Update 2010-007. Further information is available via the libpng website at", "id": "CVE-2010-2249", "impact": "Multiple vulnerabilities in libpng", "links": [ "http://support.apple.com/en-us/HT4554" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Maksymilian Arciemowicz", "description": "Applications which use the glob(3) API may be vulnerable to a denial of service. If the glob pattern comes from untrusted input, the application may hang or use excessive CPU resources. This issue is addressed through improved validation of glob patterns.", "id": "CVE-2010-2632", "impact": "Applications which use the glob(3) API may be vulnerable to a denial of service", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "Libsystem", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-2950", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "A stack buffer overflow existed in Samba's handling of Windows Security IDs. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X 10.6.7.", "id": "CVE-2010-3069", "impact": "If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4723" ], "module": "Samba", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple cross-site scripting issues existed in Mailman 2.1.13. These issues are addressed by updating Mailman to version 2.1.14. Further information is available via the Mailman site at", "id": "CVE-2010-3089", "impact": "Multiple vulnerabilities in Mailman 2.1.13", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Mailman", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Subversion servers that use the non-default \"SVNPathAuthz short_circuit\" mod_dav_svn configuration setting may allow unauthorized users to access portions of the repository. This issue is addressed by updating Subversion to version 1.6.13. This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2010-3315", "impact": "Subversion servers that use the non-default \"SVNPathAuthz short_circuit\" mod_dav_svn configuration setting may allow unauthorized users to access portions of the repository", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Subversion", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.5. ClamAV is distributed only with Mac OS X Server systems. Further information is available via the ClamAV website at", "id": "CVE-2010-3434", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2010-3436", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3.", "id": "CVE-2010-3613", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3.", "id": "CVE-2010-3614", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3677", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3682", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-3709", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-3710", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2010-3718", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "iOS", "iWork 9.0 through 9.0.5" ], "credit": "Apple", "description": "A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-3785", "impact": "Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4830", "http://support.apple.com/en-us/HT5004" ], "module": "Numbers", "rsr": "", "update": "" }, { "available": [ "iOS", "iWork 9.0 through 9.0.5." ], "credit": "Tobias Klein, working with VeriSign iDefense Labs", "description": "A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-3786", "impact": "Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4830", "http://support.apple.com/en-us/HT5004" ], "module": "Numbers", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Subreption LLC working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of PICT images. Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-3790", "impact": "Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Damian Put working with TippingPoint's Zero Day Initiative, and Rodrigo Rubira Branco from the Check Point Vulnerability Discovery Team", "description": "A memory corruption issue existed in QuickTime's handling of FlashPix images. Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 this issue was addressed in QuickTime 7.6.9.", "id": "CVE-2010-3801", "impact": "Viewing a maliciously crafted FlashPix image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "an anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "A memory corruption issue existed in QuickTime's handling of panorama atoms in QTVR (QuickTime Virtual Reality) movie files. Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 this issue was addressed in QuickTime 7.6.9.", "id": "CVE-2010-3802", "impact": "Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues are addressed by updating FreeType to version 2.4.4. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2010-3814", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "X11", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Mike Cardwell of Cardwell IT Ltd.", "description": "DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching.", "id": "CVE-2010-3829", "impact": "Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3833", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3834", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3835", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3836", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3837", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems.", "id": "CVE-2010-3838", "impact": "Multiple vulnerabilities in MySQL 5.0.91", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MySQL", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 and 4.1", "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad", "iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM model), iOS 3.1 through 4.3.3 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.3 for iPad", "iOS 4.2.5 through 4.2.8 for iPhone 4 (CDMA model)" ], "credit": "", "description": "A buffer overflow exists in FreeType's handling of TrueType font files. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-3855", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4564", "http://support.apple.com/en-us/HT4565", "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4802", "http://support.apple.com/en-us/HT4803" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.", "id": "CVE-2010-3864", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-3870", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later" ], "credit": "Bui Quang Minh from Bkis (www.bkis.com)", "description": "A memory corruption issue existed in libxml's XPath handling. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2010-4008", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4581" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Honggang Ren of Fortinet's FortiGuard Labs", "description": "An integer overflow existed in QuickTime's handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 this issue was addressed in QuickTime 7.6.9.", "id": "CVE-2010-4009", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.5, Mac OS X Server v10.6 through v10.6.5" ], "credit": "Aaron Sigel of vtty.com", "description": "A format string issue exists in PackageKit's handling of distribution scripts. A man-in-the-middle attacker may be able to cause an unexpected application termination or arbitrary code execution when Software Update checks for new updates. This issue is addressed through improved validation of distribution scripts. This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2010-4013", "impact": "A man-in-the-middle attacker may be able to cause an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4498" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple cryptographic issues existed in MIT Kerberos 5. Only CVE-2010-1323 affects Mac OS X v10.5. Further information on the issues and the patches applied is available via the MIT Kerberos website at", "id": "CVE-2010-4020", "impact": "Multiple vulnerabilities in MIT Kerberos 5", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Kerberos", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "Multiple cryptographic issues existed in MIT Kerberos 5. Only CVE-2010-1323 affects Mac OS X v10.5. Further information on the issues and the patches applied is available via the MIT Kerberos website at", "id": "CVE-2010-4021", "impact": "Multiple vulnerabilities in MIT Kerberos 5", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Kerberos", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-4150", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2010-4172", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.", "id": "CVE-2010-4180", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.5. ClamAV is distributed only with Mac OS X Server systems. Further information is available via the ClamAV website at", "id": "CVE-2010-4260", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.5. ClamAV is distributed only with Mac OS X Server systems. Further information is available via the ClamAV website at", "id": "CVE-2010-4261", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "PHP is updated to version 5.3.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at", "id": "CVE-2010-4409", "impact": "Multiple vulnerabilities in PHP 5.3.3", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4422", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4447", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4448", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4450", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4454", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4462", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4463", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4465", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4467", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4468", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4469", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4470", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4471", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4472", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4473", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at", "id": "CVE-2010-4476", "impact": "Multiple vulnerabilities in Java 1.6.0_22", "links": [ "http://support.apple.com/en-us/HT4562", "http://support.apple.com/en-us/HT4563" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6.6" ], "credit": "", "description": "Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.96.5. ClamAV is distributed only with Mac OS X Server systems. Further information is available via the ClamAV website at", "id": "CVE-2010-4479", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences", "description": "A double free issue existed in libxml's handling of XPath expressions. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2010-4494", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564", "http://support.apple.com/en-us/HT4581" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2010-4645", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "A directory traversal issue existed in GNU patch. Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten. This issue is addressed through improved validation of patch files.", "id": "CVE-2010-4651", "impact": "Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "patch", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2011-0013", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.", "id": "CVE-2011-0014", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0111", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Yuzo Fujishima of Google Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0112", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Andreas Kling of Nokia", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0113", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Chris Evans of Google Chrome Security Team", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0114", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "J23 working with TippingPoint's Zero Day Initiative, and Emil A Eklund of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0115", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "an anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0116", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0117", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0118", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0119", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0120", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0121", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Slawomir Blazek", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0122", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0123", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Yuzo Fujishima of Google Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0124", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0125", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Mihai Parparita of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0126", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0127", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "David Bloom", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0128", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Famlam", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0129", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Apple", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0130", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "wushi of team509", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0131", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0132", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0133", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Jan Tosovsky", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0134", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "an anonymous reporter", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0135", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0136", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0137", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "kuzzcc", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0138", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "kuzzcc", "description": "Multiple memory corruption issues exist in WebKit. A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0139", "impact": "A man-in-the-middle attack may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0140", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Chris Rohlf of Matasano Security", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0141", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0142", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Slawomir Blazek and Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0143", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Emil A Eklund of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0144", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0145", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0146", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Dirk Schulze", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0147", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Michal Zalewski of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0148", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative, and SkyLined of Google Chrome Security Team", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0149", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Michael Gundlach of safariadblock.com", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0150", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0151", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "SkyLined of Google Chrome Security Team", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0152", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0153", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "an anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0154", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Aki Helin of OUSPG", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0155", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google, Inc.", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0156", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Benoit Jacob of Mozilla", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0157", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Nitesh Dhanjani of Ernst & Young LLP", "description": "A maliciously crafted website may contain javascript that repeatedly causes another application on the device to launch via its URL handler. Visiting this website with MobileSafari will cause MobileSafari to exit and the target application to be launched. This sequence would continue each time MobileSafari is opened. This issue is addressed by returning to the previous page when Safari is re-opened after another application was launched via its URL handler.", "id": "CVE-2011-0158", "impact": "Visiting a maliciously crafted website may cause MobileSafari to exit on launch", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iOS 4.0 through 4.2.1 for iPhone 3GS and later, iOS 4.0 through 4.2.1 for iPod touch (3rd generation) and later, iOS 4.2 through 4.2.1 for iPad" ], "credit": "Erik Wong of Google Inc.", "description": "In some circumstances, clearing cookies via Safari Settings while Safari is running has no effect. This issue is addressed through improved handling of cookies. This issue does not affect systems prior to iOS 4.0.", "id": "CVE-2011-0159", "impact": "Clearing cookies in Safari Settings may have no effect", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "McIntosh Cooey of Twelve Hundred Group, Harald Hanche-Olsen, Chuck Hohn of 1111 Internet LLC working with CERT, and Paul Hinze of Braintree", "description": "If a site uses HTTP Basic Authentication and redirects to another site, the authentication credentials may be sent to the other site. This issue is addressed through improved handling of credentials.", "id": "CVE-2011-0160", "impact": "HTTP Basic Authentication credentials may be inadvertently disclosed to another site", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Apple", "description": "A cross-origin issue existed in WebKit's handling of the Attr.style accessor. Visiting a maliciously crafted website may allow the site to inject CSS into other documents. This issue is addressed by removing the Attr.style accessor.", "id": "CVE-2011-0161", "impact": "Visiting a maliciously crafted website may lead to cross-site style declarations", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 and 4.1", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Scott Boyd of ePlus Technology, inc.", "description": "A bounds checking issue existed in the handling of Wi-Fi frames. When connected to Wi-Fi, an attacker on the same network may be able to cause a device reset.", "id": "CVE-2011-0162", "impact": "When connected to Wi-Fi, an attacker on the same network may be able to cause a device reset", "links": [ "http://support.apple.com/en-us/HT4564", "http://support.apple.com/en-us/HT4565" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Apple", "description": "A cache poisoning issue existed in WebKit's handling of cached resources. A maliciously crafted website may be able to prevent other sites from requesting certain resources. This issue is addressed through improved type checking.", "id": "CVE-2011-0163", "impact": "A maliciously crafted website may be able to prevent other sites from requesting certain resources", "links": [ "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0164", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0165", "impact": "A man-in-the-middle attack may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Michal Zalewski of Google Inc.", "description": "A cross-origin issue existed in WebKit's handling of HTML5 drag and drop. This issue is addressed by disallowing drag and drop across different origins.", "id": "CVE-2011-0166", "impact": "Visiting a malicious website and dragging content in the page may lead to an information disclosure", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues exist in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0168", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later" ], "credit": "Andrzej Dyjak working with iDefense VCP", "description": "A heap buffer overflow issue existed in ImageIO's handling of JPEG images. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0170", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4581" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "A divide by zero issue existed in the handling of Wi-Fi frames. When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset. This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2011-0172", "impact": "When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "AirPort", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Alexander Strange", "description": "A format string issue existed in AppleScript Studio's generic dialog commands (\"display dialog\" and \"display alert\"). Running an AppleScript Studio-based application that allows untrusted input to be passed to a dialog may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0173", "impact": "Running an AppleScript Studio-based application that allows untrusted input to be passed to a dialog may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "A heap buffer overflow issue existed in the handling of OpenType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0174", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Christoph Diehl of Mozilla, Felix Grobert of the Google Security Team, Marc Schoenefeld of Red Hat Security Response Team, Tavis Ormandy and Will Drewry of Google Security Team", "description": "Multiple buffer overflow issues existed in the handling of TrueType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0175", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Felix Grobert of the Google Security Team, geekable working with TippingPoint's Zero Day Initiative", "description": "Multiple buffer overflow issues existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0176", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Marc Schoenefeld of Red Hat Security Response Team", "description": "Multiple buffer overflow issues existed in the handling of SFNT tables. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0177", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "", "description": "When used with the kTemporaryFolderType flag, the FSFindFolder() API returns a directory that is world readable. This issue is addressed by returning a directory that is only readable by the user that the process is running as.", "id": "CVE-2011-0178", "impact": "Applications that use FSFindFolder() with the kTemporaryFolderType flag may be vulnerable to a local information disclosure", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "CarbonCore", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Christoph Diehl of Mozilla", "description": "A memory corruption issue existed in CoreText's handling of font files. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0179", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Dan Rosenberg of Virtual Security Research", "description": "An integer overflow issue existed in the handling of the F_READBOOTSTRAP ioctl. A local user may be able to read arbitrary files from an HFS, HFS+, or HFS+J filesystem.", "id": "CVE-2011-0180", "impact": "A local user may be able to read arbitrary files from an HFS, HFS+, or HFS+J filesystem", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "HFS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later" ], "credit": "Harry Sintonen", "description": "An integer overflow issue existed in ImageIO's handling of XBM images. Viewing a maliciously crafted XBM image may result in an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0181", "impact": "Viewing a maliciously crafted XBM image may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4581" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Jeff Mears", "description": "A privilege checking issue existed in the i386_set_ldt system call's handling of call gates. A local user may be able to execute arbitrary code with system privileges. This issue is addressed by disallowing creation of call gate entries via i386_set_ldt().", "id": "CVE-2011-0182", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Peter Schwenk of the University of Delaware", "description": "An integer truncation issue existed in Libinfo's handling of NFS RPC packets. A remote attacker may be able to cause NFS RPC services such as lockd, statd, mountd, and portmap to become unresponsive.", "id": "CVE-2011-0183", "impact": "A remote attacker may be able to cause a denial of service on hosts that export NFS file systems", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Tobias Klein working with iDefense VCP", "description": "A memory corruption issue existed in OfficeImport's handling of Excel files.", "id": "CVE-2011-0184", "impact": "Downloading a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4999" ], "module": "OfficeImport", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "an anonymous reporter", "description": "A format string vulnerability existed in Application Firewall's debug logging.", "id": "CVE-2011-0185", "impact": "Executing a binary with a maliciously crafted name may lead to arbitrary code execution with elevated privileges", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Application Firewall", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Will Dormann of the CERT/CC", "description": "Multiple memory corruption issues existed in QuickTime's handling of JPEG2000 images. Viewing a maliciously crafted JPEG2000 image with QuickTime may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.7. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0186", "impact": "Viewing a maliciously crafted JPEG2000 image with QuickTime may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)", "description": "A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking.", "id": "CVE-2011-0187", "impact": "Visiting a maliciously crafted website may lead to the disclosure of video data from another site", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4826", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5002" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Apple", "description": "An integer truncation issue existed in Ruby's BigDecimal class. Running a Ruby script that uses untrusted input to create a BigDecimal object may lead to an unexpected application termination or arbitrary code execution. This issue only affects 64-bit Ruby processes.", "id": "CVE-2011-0188", "impact": "Running a Ruby script that uses untrusted input to create a BigDecimal object may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Matt Warren of HNW Inc.", "description": "When ssh is used in Terminal's \"New Remote Connection\" dialog, SSH version 1 is selected as the default protocol version. This issue is addressed by changing the default protocol version to \"Automatic\". This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2011-0189", "impact": "When ssh is used in Terminal's \"New Remote Connection\" dialog, SSH version 1 is selected as the default protocol version", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Terminal", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Aaron Sigel of vtty.com", "description": "A URL processing issue in Install Helper may lead to the installation of an agent that contacts an arbitrary server when the user logs in. The dialog resulting from a connection failure may lead the user to believe that the connection was attempted with Apple. This issue is addressed by removing Install Helper.", "id": "CVE-2011-0190", "impact": "Visiting a maliciously crafted website may lead to the installation of an agent that contacts an arbitrary server when the user logs in, and mislead the user into thinking that the connection is with Apple", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 and 4.1", "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad" ], "credit": "Apple", "description": "A buffer overflow existed in libTIFF's handling of JPEG encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0191", "impact": "Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564", "http://support.apple.com/en-us/HT4565", "http://support.apple.com/en-us/HT4581" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 and 4.1", "Apple TV 4.0 through 4.3", "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.2.1 for iPhone 3GS and later, iOS 3.1 through 4.2.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.2.1 for iPad", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "A buffer overflow existed in libTIFF's handling of CCITT Group 4 encoded TIFF images.", "id": "CVE-2011-0192", "impact": "Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4554", "http://support.apple.com/en-us/HT4564", "http://support.apple.com/en-us/HT4565", "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Paul Harrington of NGS Secure", "description": "Multiple buffer overflow issues existed in Image RAW's handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0193", "impact": "Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "Image RAW", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6" ], "credit": "Dominic Chell of NGS Secure", "description": "An integer overflow issue existed in ImageIO's handling of JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.", "id": "CVE-2011-0194", "impact": "Viewing a maliciously crafted JPEG-encoded TIFF image may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.1 for iPhone 3GS and later, iOS 3.1 through 4.3.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.1 for iPad" ], "credit": "Chris Evans of the Google Chrome Security Team", "description": "libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.", "id": "CVE-2011-0195", "impact": "Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap", "links": [ "http://support.apple.com/en-us/HT4606", "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8" ], "credit": "", "description": "An out of bounds memory read issue existed in the handling of Wi-Fi frames. When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset. This issue does not affect Mac OS X v10.6", "id": "CVE-2011-0196", "impact": "When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "AirPort", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Paul Nelson", "description": "In certain circumstances, App Store may log the user's AppleID password to a file that is not readable by other users on the system. This issue is addressed through improved handling of credentials.", "id": "CVE-2011-0197", "impact": "The user's AppleID password may be logged to a local file", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Harry Sintonen, Marc Schoenefeld of the Red Hat Security Response Team", "description": "A heap buffer overflow issue existed in the handling of TrueType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.", "id": "CVE-2011-0198", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Chris Hawk and Wan-Teh Chang of Google", "description": "An error handling issue existed in the Certificate Trust Policy. If an Extended Validation (EV) certificate has no OCSP URL, and CRL checking is enabled, the CRL will not be checked and a revoked certificate may be accepted as valid. This issue is mitigated as most EV certificates specify an OCSP URL.", "id": "CVE-2011-0199", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "Certificate Trust Policy", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later." ], "credit": "binaryproof working with TippingPoint's Zero Day Initiative.", "description": "An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0200", "impact": "Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "Windows 7, Vista, XP SP2 or later" ], "credit": "Harry Sintonen", "description": "An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.", "id": "CVE-2011-0201", "impact": "Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "Windows 7, Vista, XP SP2 or later" ], "credit": "Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team", "description": "An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.", "id": "CVE-2011-0202", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.6 through v10.6.7" ], "credit": "team karlkani", "description": "A path validation issue existed in xftpd. A person with FTP access may perform a recursive directory listing starting from the root, including directories that are not shared for FTP. The listing will eventually include any file that would be accessible to the FTP user. The contents of files are not disclosed. This issue is addressed through improved path validation. This issue only affects Mac OS X Server systems.", "id": "CVE-2011-0203", "impact": "A person with FTP access may list files on the system", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "FTP Server", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later." ], "credit": "Dominic Chell of NGS Secure.", "description": "A heap buffer overflow existed in ImageIO's handling of TIFF images. This issue does not affect OS X Lion systems. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.", "id": "CVE-2011-0204", "impact": "Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Harry Sintonen", "description": "A heap buffer overflow issue existed in ImageIO's handling of JPEG2000 images. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-0205", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "David Bienvenu of Mozilla", "description": "A buffer overflow issue existed in ICU's generation of collation keys for long strings of mostly uppercase letters.", "id": "CVE-2011-0206", "impact": "Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999" ], "module": "International Components for Unicode", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Aaron Sigel of vtty.com", "description": "When communicating with MobileMe to determine a user's email aliases, Mail will make requests over HTTP. As a result, an attacker with a privileged network position may read a user's MobileMe email aliases. This issue is addressed by using SSL to access the user's email aliases.", "id": "CVE-2011-0207", "impact": "An attacker with a privileged network position may read a user's MobileMe email aliases", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "MobileMe", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Tobias Klein working with iDefense VCP", "description": "A memory corruption issue existed in OfficeImport's handling of Microsoft Office files.", "id": "CVE-2011-0208", "impact": "Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4999" ], "module": "OfficeImport", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "An integer overflow existed in QuickTime's handling of RIFF WAV files. Playing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0209", "impact": "Playing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Honggang Ren of Fortinet's FortiGuard Labs", "description": "A memory corruption issue existed in QuickTime's handling of sample tables in QuickTime movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0210", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "An integer overflow existed in QuickTime's handling of audio channels in movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0211", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Apple", "description": "An XML External Entity issue exists in servermgrd's handling of XML-RPC requests. This issue is addressed by removing servermgrd's XML-RPC interface. This issue only affects Mac OS X Server systems.", "id": "CVE-2011-0212", "impact": "A remote attacker may be able to read arbitrary files from the system", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "servermgrd", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Luigi Auriemma working with iDefense VCP", "description": "A buffer overflow existed in QuickTime's handling of JPEG files. Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0213", "impact": "Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "an anonymous reporter", "description": "CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems.", "id": "CVE-2011-0214", "impact": "A root certificate that is disabled may still be trusted", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later." ], "credit": "Juan Pablo Lopez Yacubian working with iDefense VCP.", "description": "A reentrancy issue existed in ImageIO's handling of TIFF images. This issue does not affect Mac OS X systems.", "id": "CVE-2011-0215", "impact": "Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Billy Rios of the Google Security Team", "description": "A one-byte heap buffer overflow existed in libxml's handling of XML data.", "id": "CVE-2011-0216", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Florian Rienhardt of BSI, Alex Lambert, Jeremiah Grossman", "description": "Safari's \"AutoFill web forms\" feature filled in non-visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form.", "id": "CVE-2011-0217", "impact": "If the \"AutoFill web forms\" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "SkyLined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0218", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Joshua Smith of Kaon Interactive", "description": "A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process.", "id": "CVE-2011-0219", "impact": "With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0221", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0222", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0223", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the handling of QuickTime movie files. These issues do not affect OS X Lion systems.", "id": "CVE-2011-0224", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0225", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM model), iOS 3.1 through 4.3.3 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.3 for iPad", "iOS 4.2.5 through 4.2.8 for iPhone 4 (CDMA model)" ], "credit": "", "description": "A signedness issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.6. This issue does not affect systems prior to OS X Lion. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2011-0226", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4802", "http://support.apple.com/en-us/HT4803", "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM model), iOS 3.1 through 4.3.3 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.3 for iPad", "iOS 4.2.5 through 4.2.8 for iPhone 4 (CDMA model)" ], "credit": "comex", "description": "An invalid type conversion issue exists in the use of IOMobileFrameBuffer queueing primitives, which may allow malicious code running as the user to gain system privileges.", "id": "CVE-2011-0227", "impact": "Malicious code running as the user may gain system privileges", "links": [ "http://support.apple.com/en-us/HT4802", "http://support.apple.com/en-us/HT4803" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM), iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.4 for iPad", "iOS 4.2.5 through 4.2.9 for iPhone 4 (CDMA)" ], "credit": "Gregor Kopf of Recurity Labs on behalf of BSI, and Paul Kehrer of Trustwave's SpiderLabs", "description": "A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.", "id": "CVE-2011-0228", "impact": "An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS", "links": [ "http://support.apple.com/en-us/HT4824", "http://support.apple.com/en-us/HT4825" ], "module": "Data Security", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Will Dormann of the CERT/CC", "description": "An out of bounds memory access issue existed in ATS' handling of Type 1 fonts. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0229", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Steven Michaud of Mozilla", "description": "A buffer overflow issue existed in the ATSFontDeactivate API.", "id": "CVE-2011-0230", "impact": "Applications which use the ATSFontDeactivate API may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Martin Tessarek, Steve Riggins of Geeks R Us, Justin C. Walker, and Stephen Creswell", "description": "A synchronization issue existed in CFNetwork's handling of cookie policies. Safari's cookie preferences may not be honored, allowing websites to set cookies that would be blocked were the preference enforced. This update addresses the issue through improved handling of cookie storage.", "id": "CVE-2011-0231", "impact": "Safari may store cookies it is not configured to accept", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "J23 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0232", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0233", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0234", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0235", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "wushi of team509 working with iDefense VCP.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0237", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Adam Barth of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0238", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "wushi of team509 working with iDefense VCP.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0240", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Cyril CATTIAUX of Tessi Technologies", "description": "A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images.", "id": "CVE-2011-0241", "impact": "Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Jobert Abma of Online24", "description": "A cross-origin issue existed in the handling of URLs with an embedded username. This issue is addressed through improved handling of URLs with an embedded username.", "id": "CVE-2011-0242", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Jason Hullinger", "description": "A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs.", "id": "CVE-2011-0244", "impact": "Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later" ], "credit": "Subreption LLC working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of pict files. Viewing a maliciously crafted pict file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0245", "impact": "Viewing a maliciously crafted pict file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "an anonymous contributor working with Beyond Security's SecuriTeam Secure Disclosure program", "description": "A heap buffer overflow existed in QuickTime's handling of GIF images. Viewing a maliciously crafted GIF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems.", "id": "CVE-2011-0246", "impact": "Viewing a maliciously crafted GIF image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Roi Mallo and Sherab Giovannini working with TippingPoint's Zero Day Initiative", "description": "Multiple stack buffer overflows existed in the handling of H.264 encoded movie files. Viewing a maliciously crafted H.264 movie file may lead to an unexpected application termination or arbitrary code execution. These issues do not affect Mac OS X systems.", "id": "CVE-2011-0247", "impact": "Viewing a maliciously crafted H.264 movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Chkr_d591 working with TippingPoint's Zero Day Initiative", "description": "A stack buffer overflow existed in the QuickTime ActiveX control's handling of QTL files. Visiting a maliciously crafted website using Internet Explorer may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems.", "id": "CVE-2011-0248", "impact": "Visiting a maliciously crafted website using Internet Explorer may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A heap buffer overflow existed in the handling of STSC atoms in QuickTime movie files. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0249", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826", "http://support.apple.com/en-us/HT5002" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A heap buffer overflow existed in the handling of STSS atoms in QuickTime movie files. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0250", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826", "http://support.apple.com/en-us/HT5002" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A heap buffer overflow existed in the handling of STSZ atoms in QuickTime movie files. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0251", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826", "http://support.apple.com/en-us/HT5002" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A heap buffer overflow existed in the handling of STTS atoms in QuickTime movie files. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0252", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826", "http://support.apple.com/en-us/HT5002" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Richard Keen.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0253", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "An anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0254", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "An anonymous reporter working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0255", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later" ], "credit": "An anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "An integer overflow existed in the handling of track run atoms in QuickTime movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. This issue does not affect Mac OS X v10.7 systems.", "id": "CVE-2011-0256", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A stack buffer overflow existed in the handling of PICT files. Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X v10.7 systems.", "id": "CVE-2011-0257", "impact": "Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Damian Put working with TippingPoint's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of image descriptions in QuickTime movie files. This issue does not affect Mac OS X systems.", "id": "CVE-2011-0258", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4826" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "Windows 7, Vista, XP SP2 or later.", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "A memory corruption issue existed in CoreFoundation's handling of string tokenization. This issue does not affect OS X Lion systems. This update addresses the issue through improved bounds checking.", "id": "CVE-2011-0259", "impact": "Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5002" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Clint Tseng of the University of Washington, Michael Kobb, and Adam Kemp", "description": "A system window, such as a VPN password prompt, that appeared while the screen was locked may have accepted keystrokes while the screen was locked. This issue is addressed by preventing system windows from requesting keystrokes while the screen is locked. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-0260", "impact": "A person with physical access to a system may partially bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "CoreProcesses", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Postfix is updated to version 2.5.14 to address multiple vulnerabilities, the most serious of which may allow an attacker in a privileged network position to manipulate the mail session to obtain sensitive information from the encrypted traffic. These issues should not affect OS X Lion systems. More information is available via the Postfix site at", "id": "CVE-2011-0411", "impact": "Multiple vulnerabilities in Postfix", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "postfix", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Apache is updated to version 2.2.20 to address several vulnerabilities, the most serious of which may lead to a denial of service. CVE-2011-0419 does not affect OS X Lion systems. Further information is available via the Apache web site at", "id": "CVE-2011-0419", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-0420", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-0421", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2011-0534", "impact": "Multiple vulnerabilities in Tomcat 6.0.24", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Multiple cross-site scripting issues existed in Mailman 2.1.14. These issues are addressed by improved encoding of characters in HTML output. Further information is available via the Mailman site at", "id": "CVE-2011-0707", "impact": "Multiple vulnerabilities in Mailman 2.1.14", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Mailman", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-0708", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "", "description": "A null dereference issue existed in Subversion's handling of lock tokens sent over HTTP. If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service. For Mac OS X v10.6 systems, Subversion is updated to version 1.6.6. For Mac OS X v10.5.8 systems, the issue is addressed through additional validation of lock tokens. Further information is available via the Subversion web site at", "id": "CVE-2011-0715", "impact": "If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7" ], "credit": "Volker Lendecke of SerNet", "description": "A memory corruption issue existed in Samba's handling of file descriptors. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution.", "id": "CVE-2011-0719", "impact": "If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4723" ], "module": "Samba", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0802", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0814", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0862", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0863", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0864", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0865", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0867", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0868", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0869", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0871", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8", "Mac OS X v10.6.6 and later, Mac OS X Server v10.6.6 and later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at", "id": "CVE-2011-0873", "impact": "Multiple vulnerabilities in Java 1.6.0_24", "links": [ "http://support.apple.com/en-us/HT4738", "http://support.apple.com/en-us/HT4739" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Rik Cabanier of Adobe Systems, Inc", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0981", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-0983", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, AirPort Time Capsule" ], "credit": "Sebastian Krahmer and Marius Tomaschewski of the SUSE Security Team working with ISC", "description": "dhclient allowed remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. This issue is addressed by stripping shell metacharacters in dhclient-script.", "id": "CVE-2011-0997", "impact": "An attacker in a privileged network position may be able to cause arbitrary command execution via malicious DHCP responses", "links": [ "http://support.apple.com/en-us/HT5005" ], "module": "AirPort Time Capsule and AirPort Base Station (802.11n) Firmware 7.6", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1092", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Jordi Chancel", "description": "A URL spoofing issue existed in the handling of the DOM history object.", "id": "CVE-2011-1107", "impact": "A maliciously crafted website may be able to cause a different URL to be shown in the address bar", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1109", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1114", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1115", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1117", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1121", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Thomas Clement of Intego", "description": "A null dereference issue existed in the handling of IPV6 socket options.", "id": "CVE-2011-1132", "impact": "A local user may be able to cause a system reset", "links": [ "http://support.apple.com/en-us/HT4723", "http://support.apple.com/en-us/HT4999" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1153", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1188", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Daniel Divricean of divricean.ro", "description": "A cross-origin issue existed in the handling of Web Workers.", "id": "CVE-2011-1190", "impact": "Visiting a maliciously crafted website may lead to an information disclosure", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1203", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1204", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Andreas Kling of Nokia", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1288", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.1 for iPhone 3GS and later, iOS 3.1 through 4.3.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.1 for iPad", "iOS 4.2.5 through 4.2.6 for iPhone 4 (CDMA)" ], "credit": "Vincenzo Iozzo, Willem Pinckaers, Ralf-Philipp Weinmann, and an anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues exist in WebKit. A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-1290", "impact": "A man-in-the-middle attack may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4606", "http://support.apple.com/en-us/HT4607", "http://support.apple.com/en-us/HT4609" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1293", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in the handling of DOM nodes.", "id": "CVE-2011-1295", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1296", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.1 for iPhone 3GS and later, iOS 3.1 through 4.3.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.1 for iPad", "iOS 4.2.5 through 4.2.6 for iPhone 4 (CDMA)" ], "credit": "Vupen Security working with TippingPoint's Zero Day Initiative, and Martin Barbella", "description": "Multiple memory corruption issues exist in WebKit. A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-1344", "impact": "A man-in-the-middle attack may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4606", "http://support.apple.com/en-us/HT4607", "http://support.apple.com/en-us/HT4609" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6", "iOS", "iOS 3.0 through 4.3.1 for iPhone 3GS and later, iOS 3.1 through 4.3.1 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.1 for iPad", "iOS 4.2.5 through 4.2.6 for iPhone 4 (CDMA)", "iWork 9.0 through 9.0.5" ], "credit": "Charlie Miller and Dion Blazakis working with TippingPoint's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-1417", "impact": "Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4581", "http://support.apple.com/en-us/HT4606", "http://support.apple.com/en-us/HT4607", "http://support.apple.com/en-us/HT4830", "http://support.apple.com/en-us/HT5003" ], "module": "Pages", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Jose A. Vazquez of spa-s3c.blogspot.com.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1440", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Marek Majkowski", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1449", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1451", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1453", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "John Knottenbelt of Google", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1457", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1462", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1466", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1467", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1468", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1469", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1470", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at", "id": "CVE-2011-1471", "impact": "Multiple vulnerabilities in PHP 5.3.4", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Multiple vulnerabilities existed in python, the most serious of which may lead to arbitrary code execution. This update addresses the issues by applying patches from the python project. Further information is available via the python site at", "id": "CVE-2011-1521", "impact": "Multiple vulnerabilities in python", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Postfix is updated to version 2.5.14 to address multiple vulnerabilities, the most serious of which may allow an attacker in a privileged network position to manipulate the mail session to obtain sensitive information from the encrypted traffic. These issues should not affect OS X Lion systems. More information is available via the Postfix site at", "id": "CVE-2011-1720", "impact": "Multiple vulnerabilities in Postfix", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "postfix", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "An issue existed in the handling of XML external entities in jabberd2, a server for the Extensible Messaging and Presence Protocol (XMPP). jabberd2 expands external entities in incoming requests. This allows an attacker to consume system resources very quickly, denying service to legitimate users of the server. This update addresses the issue by disabling entity expansion in incoming requests.", "id": "CVE-2011-1755", "impact": "A remote attacker may cause the Jabber server to consume system resources disproportionately", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "iChat Server", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later.", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Nicolas Gregoire of Agarri", "description": "A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings.", "id": "CVE-2011-1774", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-1797", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808", "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Multiple denial of service issues existed in BIND 9.7.3. These issues are addressed by updating BIND to version 9.7.3-P3.", "id": "CVE-2011-1910", "impact": "Multiple vulnerabilities in BIND 9.7.3", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2338", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Cris Neckar of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2339", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "wushi of team509 working with Verisign iDefense Labs", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2341", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2351", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2352", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2354", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Adam Barth and Abhishek Arya of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2356", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2359", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Multiple denial of service issues existed in BIND 9.7.3. These issues are addressed by updating BIND to version 9.7.3-P3.", "id": "CVE-2011-2464", "impact": "Multiple vulnerabilities in BIND 9.7.3", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "libpng is updated to version 1.5.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at", "id": "CVE-2011-2690", "impact": "Multiple vulnerabilities in libpng 1.4.3", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "libpng is updated to version 1.5.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at", "id": "CVE-2011-2691", "impact": "Multiple vulnerabilities in libpng 1.4.3", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "libpng is updated to version 1.5.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at", "id": "CVE-2011-2692", "impact": "Multiple vulnerabilities in libpng 1.4.3", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Mikolaj Malecki of Samsung", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2788", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2790", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2792", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2797", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2799", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Juho Nurminen", "description": "A cross-origin issue existed in the handling of the beforeload event.", "id": "CVE-2011-2800", "impact": "A maliciously crafted website may be able to track the URLs that a user visits within a frame", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in the handling of the window.open method.", "id": "CVE-2011-2805", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2809", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2811", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Cris Neckar of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2813", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2814", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "SkyLined of Google Chrome Security Team.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2815", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2816", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2817", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2818", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in the handling of the document.documentURI property.", "id": "CVE-2011-2819", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Raman Tenneti and Philip Rogers of Google", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2820", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "SkyLined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2823", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2827", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2831", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "Apache is updated to version 2.2.20 to address several vulnerabilities, the most serious of which may lead to a denial of service. CVE-2011-0419 does not affect OS X Lion systems. Further information is available via the Apache web site at", "id": "CVE-2011-3192", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Judson Powers of ATC-NY", "description": "After enabling FileVault, approximately 250MB at the start of the volume was left unencrypted on the disk in an unused area. Only data which was present on the volume before FileVault was enabled was left unencrypted. This issue is addressed by erasing this area when enabling FileVault, and on the first use of an encrypted volume affected by this issue. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3212", "impact": "Converting to FileVault does not erase all existing data", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "CoreStorage", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Apple", "description": "An issue existed in the handling of WebDAV volumes on HTTPS servers. If the server presented a certificate chain that could not be automatically verified, a warning was displayed and the connection was closed. If the user clicked the \"Continue\" button in the warning dialog, any certificate was accepted on the following connection to that server. An attacker in a privileged network position may have manipulated the connection to obtain sensitive information or take action on the server on the user's behalf. This update addresses the issue by validating that the certificate received on the second connection is the same certificate originally presented to the user.", "id": "CVE-2011-3213", "impact": "An attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "File Systems", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Apple", "description": "An issue existed with the screen lock when used with Apple Cinema Displays. When a password is required to wake from sleep, a person with physical access may be able to access the system without entering a password if the system is in display sleep mode. This update addresses the issue by ensuring that the lock screen is correctly activated in display sleep mode. This issue does not affect OS X Lion systems.", "id": "CVE-2011-3214", "impact": "A person with physical access may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Passware, Inc.", "description": "A logic error in the kernel's DMA protection permitted firewire DMA at loginwindow, boot, and shutdown, although not at screen lock. This update addresses the issue by preventing firewire DMA at all states where the user is not logged in.", "id": "CVE-2011-3215", "impact": "A person with physical access may be able to access the user's password", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Gordon Davisson of Crywolf, Linc Davis, R. Dormer, and Allan Schmid and Oliver Jeckel of brainworks Training", "description": "A logic error existed in the kernel's handling of file deletions in directories with the sticky bit.", "id": "CVE-2011-3216", "impact": "An unprivileged user may be able to delete another user's files in a shared directory", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the handling of disk images. These issues do not affect OS X Lion systems.", "id": "CVE-2011-3217", "impact": "Opening a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "MediaKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "Windows 7, Vista, XP SP2 or later" ], "credit": "Aaron Sigel of vtty.com", "description": "A cross-site scripting issue existed in QuickTime Player's \"Save for Web\" export. The template HTML files generated by this feature referenced a script file from a non-encrypted origin. An attacker in a privileged network position may be able to inject malicious scripts in the local domain if the user views a template file locally. This issue is addressed by removing the reference to an online script. This issue does not affect OS X Lion systems. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3218", "impact": "An attacker in a privileged network position may inject script in the local domain when viewing template HTML", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later." ], "credit": "Damian Put working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of H.264 encoded movie files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3219", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "An uninitialized memory access issue existed in QuickTime's handling of URL data handlers within movie files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3220", "impact": "Viewing a maliciously crafted movie file may lead to the disclosure of memory contents", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "an anonymous researcher working with TippingPoint's Zero Day Initiative", "description": "An implementation issue existed in QuickTime's handling of the atom hierarchy within a movie file. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3221", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Damian Put working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of FlashPix files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3222", "impact": "Viewing a maliciously crafted FlashPix file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of FLIC files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2011-006.", "id": "CVE-2011-3223", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Aaron Sigel of vtty.com and Brian Mastenbrook", "description": "App Store help content was updated over HTTP. This update addresses the issue by updating App Store help content over HTTPS. This issue does not affect OS X Lion systems.", "id": "CVE-2011-3224", "impact": "An attacker in a privileged network position may manipulate App Store help content, leading to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "User Documentation", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "An access control issue existed in the SMB File Server. Disallowing guest access to the share point record for a folder prevented the '_unknown' user from browsing the share point but not guests (user 'nobody'). This issue is addressed by applying the access control to the guest user. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3225", "impact": "A guest user may browse shared folders", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "SMB File Server", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Jeffry Strunk of The University of Texas at Austin, Steven Eppler of Colorado Mesa University, Hugh Cole-Baker, and Frederic Metoz of Institut de Biologie Structurale", "description": "When Open Directory is bound to an LDAPv3 server using RFC2307 or custom mappings, such that there is no AuthenticationAuthority attribute for a user, an LDAP user may be allowed to log in without a password. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3226", "impact": "A user may be able to log in without a password", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Open Directory", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Richard Godbee of Virginia Tech", "description": "An error handling issue existed when parsing a nonstandard certificate revocation list extension.", "id": "CVE-2011-3227", "impact": "Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "libsecurity", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in QuickTime's handling of movie files. For OS X Lion systems, these issues are addressed in OS X Lion v10.7.2. For Mac OS X v10.6 systems, these issues are addressed in Security Update 2011-006.", "id": "CVE-2011-3228", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Aki Helin of OUSPG", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3232", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Sadrul Habib Chowdhury of the Chromium development community, Cris Neckar and Abhishek Arya (Inferno) of Google Chrome Security Team.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3233", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3234", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3235", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3236", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3237", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Martin Barbella.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3238", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Slawomir Blazek.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3239", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple.", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3241", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in the handling of inactive DOM windows.", "id": "CVE-2011-3243", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "vkouchna", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3244", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4981", "http://support.apple.com/en-us/HT4999" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Paul Mousdicas", "description": "The keyboard used to type the last character of a password was briefly displayed the next time the keyboard was used.", "id": "CVE-2011-3245", "impact": "A user may be able to determine information about the last character of a password", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad", "iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S, iOS 3.1 through 5.0 for iPod touch (3rd generation) and later, iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in CFNetwork's handling of maliciously crafted URLs. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could navigate to an incorrect server.", "id": "CVE-2011-3246", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5002", "http://support.apple.com/en-us/HT5052" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "An integer overflow issue existed in the handling of PICT files. This issue does not affect Mac OS X systems.", "id": "CVE-2011-3247", "impact": "Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "A signedness issue existed in the handling of font tables embedded in QuickTime movie files.", "id": "CVE-2011-3248", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow issue existed in the handling of FLC encoded movie files.", "id": "CVE-2011-3249", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "An integer overflow issue existed in the handling of JPEG2000 encoded movie files.", "id": "CVE-2011-3250", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Damian Put working with TippingPoint's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of TKHD atoms in QuickTime movie files. This issue does not affect Mac OS X systems.", "id": "CVE-2011-3251", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later." ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative.", "description": "A buffer overflow existed in the handling of audio stream encoded with the advanced audio code. This issue does not affect OS X Lion systems.", "id": "CVE-2011-3252", "impact": "Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT4981" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Leszek Tasiemski of nSense", "description": "CalDAV did not check that the SSL certificate presented by the server was trusted.", "id": "CVE-2011-3253", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information from a CalDAV calendar server", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "CalDAV", "rsr": "", "update": "" }, { "available": [ "iOS 4.2.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 4.2.0 through 4.3.5 for iPod touch (3rd generation) and later, iOS 4.2.0 through 4.3.5 for iPad" ], "credit": "Rick Deacon", "description": "A script injection issue existed in Calendar's handling of invitation notes. This issue is addressed through improved escaping of special characters in invitation notes. This issues does not affect devices prior to iOS 4.2.0.", "id": "CVE-2011-3254", "impact": "Viewing a maliciously crafted calendar invitation may inject script in the local domain", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Peter Quade of qdevelop", "description": "A user's AppleID password and username were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials.", "id": "CVE-2011-3255", "impact": "User's AppleID password may be logged to a local file", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Apple", "description": "Multiple memory corruption existed in freetype, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font.", "id": "CVE-2011-3256", "impact": "Viewing a document containing a maliciously crafted font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Bob Sielken of IBM", "description": "When multiple mail exchange accounts are configured which connect to the same server, a session could potentially receive a valid cookie corresponding to a different account. This issue is addressed by ensuring that cookies are separated across different accounts.", "id": "CVE-2011-3257", "impact": "An exchange mail cookie management issue could incorrectly cause data synchronization across different accounts", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Data Access", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Wouter van der Veer of Topicus I&I, and Josh Enders", "description": "The kernel failed to promptly reclaim memory from incomplete TCP connections. An attacker with the ability to connect to a listening service on an iOS device could exhaust system resources.", "id": "CVE-2011-3259", "impact": "A remote attacker may cause a device reset", "links": [ "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Tobias Klein working with Verisign iDefense Labs", "description": "A buffer overflow existed in OfficeImport's handling of Microsoft Word documents.", "id": "CVE-2011-3260", "impact": "Viewing a maliciously crafted Word file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "OfficeImport", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Tobias Klein of www.trapkit.de", "description": "A double free issue existed in OfficeImport's handling of Excel files.", "id": "CVE-2011-3261", "impact": "Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "OfficeImport", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3389", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001", "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Christian Matthies working with iDefense VCP, Yoshinori Oota from Business Architects Inc working with JP/CERT", "description": "iOS did not support the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by loading attachments in an isolated security origin with no access to resources on other sites.", "id": "CVE-2011-3426", "impact": "Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4.0 through 4.3", "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "", "description": "Certificates signed using the MD5 hash algorithm were accepted by iOS. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. This update disables support for an X.509 certificate with an MD5 hash for any use other than as a trusted root certificate.", "id": "CVE-2011-3427", "impact": "Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve", "links": [ "http://support.apple.com/en-us/HT4999", "http://support.apple.com/en-us/HT5001" ], "module": "Data Security", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of RLE encoded movie files. This issue does not affect Mac OS X systems.", "id": "CVE-2011-3428", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5016" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "an anonymous reporter", "description": "The parental restrictions functionality enforces UI restrictions. Configuring parental restrictions is protected by a passcode, which was previously stored in plaintext on disk. This issue is addressed by securely storing the parental restrictions passcode in the system keychain.", "id": "CVE-2011-3429", "impact": "An attacker with physical access to a device may be able to recover the restrictions passcode", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Settings", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Florian Kreitmaier of Siemens CERT", "description": "Configurations and settings applied via configuration profiles did not appear to function properly under any non-English language. Settings could be improperly displayed as a result. This issue is addressed by fixing a localization error.", "id": "CVE-2011-3430", "impact": "Misleading UI", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Settings", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Abe White of Hedonic Software Inc.", "description": "When switching between applications with the four-finger app switching gesture, the display could have revealed the previous application state. This issue is addressed by ensuring that the system properly calls the applicationWillResignActive: method when transitioning between applications.", "id": "CVE-2011-3431", "impact": "Switching between applications may lead to the disclosure of sensitive application information", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Home screen", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Simon Young of Anglia Ruskin University", "description": "An excessive maximum text layout length permitted malicious websites to cause iOS to hang when drawing acceptance dialogs for very long tel: URIs. This issue is addressed by using a more reasonable maximum URI size.", "id": "CVE-2011-3432", "impact": "Visiting a malicious website may cause an unexpected device hang", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "UIKit Alerts", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad" ], "credit": "Laurent OUDOT of TEHTRI Security", "description": "Wi-Fi credentials including the passphrase and encryption keys were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials.", "id": "CVE-2011-3434", "impact": "Wi-Fi credentials may be logged to a local file", "links": [ "http://support.apple.com/en-us/HT4999" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Arek Dreyer of Dreyer Network Consultants, Inc, and Patrick Dunstan at defenseindepth.net", "description": "An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3435", "impact": "Any user may read another local user's password data", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Open Directory", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "Patrick Dunstan at defenceindepth.net", "description": "An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3436", "impact": "An authenticated user may change that account's password without providing the current password", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "Open Directory", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1" ], "credit": "", "description": "A signedness issue existed in ATS' handling of Type 1 fonts. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3437", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5002" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "wushi of team509 working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-3438", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S, iOS 3.1 through 5.0 for iPod touch (3rd generation) and later, iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font.", "id": "CVE-2011-3439", "impact": "Viewing a document containing a maliciously crafted font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5052" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iOS 4.3 through 5.0 for iPad 2" ], "credit": "", "description": "When a Smart Cover is opened while iPad 2 is confirming power off in the locked state, the iPad does not request a passcode. This allows some access to the iPad, but data protected by Data Protection is inaccessible and apps cannot be launched.", "id": "CVE-2011-3440", "impact": "A person with physical access to a locked iPad 2 may be able to access some of the user's data", "links": [ "http://support.apple.com/en-us/HT5052" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S, iOS 3.1 through 5.0 for iPod touch (3rd generation) and later, iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2" ], "credit": "Erling Ellingsen of Facebook, Per Johansson of Blocket AB", "description": "An issue existed in libinfo's handling of DNS name lookups. When resolving a maliciously crafted hostname, libinfo could return an incorrect result.", "id": "CVE-2011-3441", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5052" ], "module": "libinfo", "rsr": "", "update": "" }, { "available": [ "iOS 3.0 through 5.0 for iPhone 3GS, iPhone 4 and iPhone 4S, iOS 3.1 through 5.0 for iPod touch (3rd generation) and later, iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2" ], "credit": "Charlie Miller of Accuvant Labs", "description": "A logic error existed in the mmap system call's checking of valid flag combinations. This issue may lead to a bypass of codesigning checks. This issue does not affect devices running iOS prior to version 4.3.", "id": "CVE-2011-3442", "impact": "An application may execute unsigned code", "links": [ "http://support.apple.com/en-us/HT5052" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "An anonymous researcher working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2011-3443", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT4808" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3521", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3544", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3545", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3546", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3547", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3548", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3549", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3551", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3552", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3553", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3554", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3556", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3557", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3558", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3560", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, Lion Server v10.7.2" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at", "id": "CVE-2011-3561", "impact": "Multiple vulnerabilities in Java 1.6.0_26", "links": [ "http://support.apple.com/en-us/HT5045" ], "module": "Java", "rsr": "", "update": "" } ] ================================================ FILE: 2011/README.md ================================================ # Apple CVE 2011 * data source: https://support.apple.com/en-us/HT201222 * [2011.json](2011.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 142 | | 2 | Java | 44 | | 3 | QuickTime | 33 | | 4 | PHP | 24 | | 5 | ImageIO | 11 | | 6 | MySQL | 8 | | 7 | ATS | 8 | | 8 | BIND | 6 | | 9 | Tomcat | 6 | | 10 | CFNetwork | 6 | | 11 | Kernel | 6 | | 12 | OpenSSL | 5 | | 13 | Safari | 5 | | 14 | Kerberos | 4 | | 15 | Apache | 4 | | 16 | ClamAV | 4 | | 17 | CoreGraphics | 4 | | 18 | OfficeImport | 4 | | 19 | python | 3 | | 20 | libxml | 3 | | 21 | Open Directory | 3 | | 22 | Samba | 2 | | 23 | Mailman | 2 | | 24 | Numbers | 2 | | 25 | Wi-Fi | 2 | | 26 | AirPort | 2 | | 27 | CoreMedia | 2 | | 28 | CoreFoundation | 2 | | 29 | Data Security | 2 | | 30 | postfix | 2 | | 31 | Settings | 2 | | 32 | iTunes | 1 | | 33 | bzip2 | 1 | | 34 | Libsystem | 1 | | 35 | Subversion | 1 | | 36 | X11 | 1 | | 37 | PackageKit | 1 | | 38 | patch | 1 | | 39 | AppleScript | 1 | | 40 | CarbonCore | 1 | | 41 | CoreText | 1 | | 42 | HFS | 1 | | 43 | Libinfo | 1 | | 44 | Application Firewall | 1 | | 45 | Ruby | 1 | | 46 | Terminal | 1 | | 47 | Installer | 1 | | 48 | Image RAW | 1 | | 49 | libxslt | 1 | | 50 | App Store | 1 | | 51 | Certificate Trust Policy | 1 | | 52 | ColorSync | 1 | | 53 | FTP Server | 1 | | 54 | International Components for Unicode | 1 | | 55 | MobileMe | 1 | | 56 | servermgrd | 1 | | 57 | IOMobileFrameBuffer | 1 | | 58 | CoreProcesses | 1 | | 59 | subversion | 1 | | 60 | AirPort Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 | 1 | | 61 | Pages | 1 | | 62 | iChat Server | 1 | | 63 | CoreStorage | 1 | | 64 | File Systems | 1 | | 65 | IOGraphics | 1 | | 66 | MediaKit | 1 | | 67 | User Documentation | 1 | | 68 | SMB File Server | 1 | | 69 | libsecurity | 1 | | 70 | Keyboards | 1 | | 71 | CoreAudio | 1 | | 72 | CalDAV | 1 | | 73 | Calendar | 1 | | 74 | Data Access | 1 | | 75 | Home screen | 1 | | 76 | UIKit Alerts | 1 | | 77 | Passcode Lock | 1 | | 78 | libinfo | 1 | ================================================ FILE: 2012/2012.json ================================================ [ { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at", "id": "CVE-2010-1637", "impact": "Multiple vulnerabilities in SquirrelMail", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "SquirrelMail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at", "id": "CVE-2010-2813", "impact": "Multiple vulnerabilities in SquirrelMail", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "SquirrelMail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at", "id": "CVE-2010-4554", "impact": "Multiple vulnerabilities in SquirrelMail", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "SquirrelMail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at", "id": "CVE-2010-4555", "impact": "Multiple vulnerabilities in SquirrelMail", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "SquirrelMail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "binaryproof working with TippingPoint's Zero Day Initiative", "description": "An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0200", "impact": "Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Cyril CATTIAUX of Tessi Technologies", "description": "A buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF files. This issue does not affect OS X Lion systems.", "id": "CVE-2011-0241", "impact": "Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Ruby is updated to 1.8.7-p357 to address multiple vulnerabilities.", "id": "CVE-2011-1004", "impact": "Multiple vulnerabilities in Ruby", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Ruby is updated to 1.8.7-p357 to address multiple vulnerabilities.", "id": "CVE-2011-1005", "impact": "Multiple vulnerabilities in Ruby", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-1148", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5.", "id": "CVE-2011-1167", "impact": "Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Mark Yason of the IBM X-Force", "description": "A buffer overflow existed in the handling of REGION records in PICT files. This issue was addressed through improved bounds checking.", "id": "CVE-2011-1374", "impact": "Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-1657", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at", "id": "CVE-2011-1752", "impact": "Accessing a Subversion repository may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Subversion", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Multiple buffer overflows existed in the handling of tar archives and iso9660 files.", "id": "CVE-2011-1777", "impact": "Extracting a maliciously crafted archive may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Multiple buffer overflows existed in the handling of tar archives and iso9660 files.", "id": "CVE-2011-1778", "impact": "Extracting a maliciously crafted archive may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at", "id": "CVE-2011-1783", "impact": "Accessing a Subversion repository may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Subversion", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at", "id": "CVE-2011-1921", "impact": "Accessing a Subversion repository may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Subversion", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-1938", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Chris Evans of Google Chrome Security Team", "description": "Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches.", "id": "CVE-2011-1944", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at", "id": "CVE-2011-2023", "impact": "Multiple vulnerabilities in SquirrelMail", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "SquirrelMail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "When doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This issue is addressed by disabling GSSAPI credential delegation.", "id": "CVE-2011-2192", "impact": "A remote server may be able to impersonate clients via GSSAPI requests", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-2202", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "", "description": "Tomcat is updated to version 6.0.33 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at", "id": "CVE-2011-2204", "impact": "Multiple vulnerabilities in Tomcat 6.0.32", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Tomcat", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-2483", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "", "description": "libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to information disclosure. Further information is available via the libpng website at", "id": "CVE-2011-2692", "impact": "Multiple vulnerabilities in libpng", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences", "description": "Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches.", "id": "CVE-2011-2821", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2825", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2833", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences", "description": "Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches.", "id": "CVE-2011-2834", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Jordi Chancel", "description": "A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue was addressed through improved session state tracking.", "id": "CVE-2011-2845", "impact": "A maliciously crafted website may be able to spoof the value in the URL bar", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Arthur Gerkis, miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2846", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2847", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2854", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Arthur Gerkis, wushi of team509 working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2855", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2857", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2860", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2866", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Dirk Schulze", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2867", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2868", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Cris Neckar of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2869", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2870", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2871", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2872", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2873", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-2877", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Tomas Hoger of Red Hat", "description": "A buffer overflow existed in libXfont's handling of LZW-compressed data. This issue is addressed by updating libXfont to version 1.4.4.", "id": "CVE-2011-2895", "impact": "Applications that use libXfont to process LZW-compressed data may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5281" ], "module": "X11", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "A cross-site scripting vulnerability existed in the handling of mail messages. This issue is addressed by updating Roundcube Webmail to version 0.6. This issue does not affect systems prior to OS X Lion. Further information is available via the Roundcube site at", "id": "CVE-2011-2937", "impact": "Viewing a maliciously crafted e-mail message may lead to the disclosure of message content", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Webmail", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3016", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3021", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "J\u00fcri Aedla", "description": "Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. These issues do not affect OS X Mountain Lion systems.", "id": "CVE-2011-3026", "impact": "Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3027", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3032", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3034", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "wushi of team509 working with iDefense VCP, Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3035", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3036", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3037", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3038", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3039", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3040", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3041", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3042", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3043", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3044", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov working with Google's Pwnium contest", "description": "Multiple cross-site scripting issues existed in WebKit.", "id": "CVE-2011-3046", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5278", "http://support.apple.com/en-us/HT5282" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. These issues do not affect OS X Mountain Lion systems.", "id": "CVE-2011-3048", "impact": "Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3050", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3053", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "Multiple cross-site scripting issues existed in WebKit.", "id": "CVE-2011-3056", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5278", "http://support.apple.com/en-us/HT5282" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3059", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3060", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3064", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in the handling of iframes in popup windows. This issue was addressed through improved origin tracking.", "id": "CVE-2011-3067", "impact": "A malicious website may be able to replace the contents of an iframe on another site", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3068", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3069", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "pa_kt working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3071", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3073", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Slawomir Blazek", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3074", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3075", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3076", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3078", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3081", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3086", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team, miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3089", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3090", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3105", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-3182", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-3189", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Felix Groebert of Google Security Team", "description": "An issue in the kernel's handling of the sleep image used for hibernation left some data unencrypted on disk even when FileVault was enabled. This issue is addressed through improved handling of the sleep image, and by overwriting the existing sleep image when updating to OS X v10.7.4. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3212", "impact": "When FileVault is used, the disk may contain unencrypted user data", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send the request to an incorrect origin server. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3246", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "A signedness issue existed in the handling of font tables embedded in QuickTime movie files.", "id": "CVE-2011-3248", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in the handling of FLC encoded movie files", "id": "CVE-2011-3249", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in the handling of JPEG2000 files.", "id": "CVE-2011-3250", "impact": "Viewing a maliciously crafted JPEG2000 image file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "Luigi Auriemma working with TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in the handling of AAC encoded audio streams. This issue does not affect OS X Lion systems.", "id": "CVE-2011-3252", "impact": "Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Apple", "description": "A memory corruption issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.7. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2011-3256", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-3267", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-3268", "impact": "Multiple vulnerabilities in PHP 5.3.6", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images.", "id": "CVE-2011-3328", "impact": "Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "", "description": "Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2011-3348", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2011-3368", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "OS X Lion v10.7.4 and later" ], "credit": "", "description": "There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. The Ruby OpenSSL module disabled the 'empty fragment' countermeasure which prevented these attacks. This issue was addressed by enabling empty fragments. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2011-3389", "impact": "An attacker may be able to decrypt data protected by SSL", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5416", "http://support.apple.com/en-us/HT5501" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Alastair Houghton", "description": "The certificate code trusted a root certificate to sign EV certificates if it was on the list of known EV issuers, even if the user had marked it as 'Never Trust' in Keychain. The root would not be trusted to sign non-EV certificates.", "id": "CVE-2011-3422", "impact": "Some EV certificates may be trusted even if the corresponding root has been marked as untrusted", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "libsecurity", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "Mickey Shkatov of laplinker.com, Kyle Osborn, Hidetake Jo at Microsoft and Microsoft Vulnerability Research (MSVR)", "description": "An issue existed in Safari's support for the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by downloading resources served with this header, rather than displaying them inline.", "id": "CVE-2011-3426", "impact": "Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in Libinfo's handling of hostname lookup requests. Libinfo could return incorrect results for a maliciously crafted hostname. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3441", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Bernard Desruisseaux of Oracle Corporation", "description": "Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. This issue is addressed by not downgrading to an unencrypted connection without user approval.", "id": "CVE-2011-3444", "impact": "An attacker in a privileged network position may intercept CardDAV data", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Address Book", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Will Dormann of the CERT/CC", "description": "A memory management issue existed in ATS' handling of data-font files when opened by Font Book.", "id": "CVE-2011-3446", "impact": "Opening a maliciously crafted font in Font Book may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3447", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Scott Stender of iSEC Partners", "description": "A heap buffer overflow existed in CoreMedia's handling of H.264 encoded movie files.", "id": "CVE-2011-3448", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Will Dormann of the CERT/CC", "description": "A use after free issue existed in the handling of font files.", "id": "CVE-2011-3449", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Ben Syverson", "description": "An unbounded stack allocation issue existed in the handling of long URLs. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3450", "impact": "Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "CoreUI", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "an anonymous researcher", "description": "After updating to a version of OS X Lion prior to 10.7.3, the Wi-Fi configuration used by Internet Sharing may revert to factory defaults, which disables the WEP password. This issue only affects systems with Internet Sharing enabled and sharing the connection to Wi-Fi. This issue is addressed by preserving the Wi-Fi configuration during a system update.", "id": "CVE-2011-3452", "impact": "A Wi-Fi network created by Internet Sharing may lose security settings after a system update", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Internet Sharing", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation)", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Ilja van Sprundel of IOActive", "description": "An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption.", "id": "CVE-2011-3453", "impact": "Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5192", "http://support.apple.com/en-us/HT5193" ], "module": "libresolv", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team", "description": "Multiple memory corruption issues existed in the handling of GLSL compilation. These issues were addressed through improved validation of GLSL shaders.", "id": "CVE-2011-3457", "impact": "Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5503" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma and pa_kt both working with HP's Zero Day Initiative", "description": "An uninitialized memory access issue existed in the handling of MP4 encoded files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001.", "id": "CVE-2011-3458", "impact": "Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with HP's Zero Day Initiative", "description": "An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001.", "id": "CVE-2011-3459", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of PNG files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001.", "id": "CVE-2011-3460", "impact": "Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5130", "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2" ], "credit": "Michael Roitzsch of the Technische Universit\u00e4t Dresden", "description": "The user may designate a remote AFP volume or Time Capsule to be used for Time Machine backups. Time Machine did not verify that the same device was being used for subsequent backup operations. An attacker who is able to spoof the remote volume could gain access to new backups created by the user's system. This issue is addressed by verifying the unique identifier associated with a disk for backup operations.", "id": "CVE-2011-3462", "impact": "A remote attacker may access new backups created by the user's system", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "OS X Lion Server v10.7 to v10.7.2" ], "credit": "Gordon Davisson of Crywolf", "description": "An issue existed in WebDAV Sharing's handling of user authentication. A user with a valid account on the server or one of its bound directories could cause the execution of arbitrary code with system privileges. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2011-3463", "impact": "Local users may obtain system privileges", "links": [ "http://support.apple.com/en-us/HT5130" ], "module": "WebDAV Sharing", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2011-3563", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2011-3607", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "Multiple cross-site scripting issues existed in WebKit", "id": "CVE-2011-3881", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3885", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins.", "id": "CVE-2011-3887", "impact": "Visiting a maliciously crafted website may lead to the disclosure of cookies", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3888", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "pa_kt working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3897", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Aki Helin of OUSPG", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3908", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Google Chrome Security Team (scarybeasts) and Chu", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3909", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3913", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "J\u00fcri Aedla", "description": "Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches.", "id": "CVE-2011-3919", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3924", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3926", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2011-3928", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3958", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Aki Helin of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3966", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3968", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3969", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2011-3971", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "A reachable assertion issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2011-4313", "impact": "A remote attacker may be able to cause a denial of service in systems configured to run BIND as a DNS nameserver", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2011-4317", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "PHP is updated to version 5.3.10 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-4566", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2011-4599", "impact": "Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "International Components for Unicode", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Ruby is updated to 1.8.7-p357 to address multiple vulnerabilities.", "id": "CVE-2011-4815", "impact": "Multiple vulnerabilities in Ruby", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "PHP is updated to version 5.3.10 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2011-4885", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2011-5035", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2012-0021", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2012-0031", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2012-0036", "impact": "Using curl or libcurl with a maliciously crafted URL may lead to protocol-specific data injection attacks", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "", "description": "Apache is updated to version 2.2.22 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at", "id": "CVE-2012-0053", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tielei Wang of Georgia Tech Information Security Center via Secunia SVCRP", "description": "A stack buffer overflow existed in QuickTime's handling of file paths. This issue does not affect OS X systems.", "id": "CVE-2012-0265", "impact": "Opening a file in a maliciously crafted path may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0497", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0498", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0499", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0500", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0501", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0502", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0503", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0505", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0506", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at", "id": "CVE-2012-0507", "impact": "Multiple vulnerabilities in Java 1.6.0_29", "links": [ "http://support.apple.com/en-us/HT5228" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35. Further information is available via the Java website at", "id": "CVE-2012-0547", "impact": "", "links": [ "http://support.apple.com/en-us/HT5473" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-0551", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Matt Cooley of Symantec", "description": "The International Domain Name (IDN) support in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems.", "id": "CVE-2012-0584", "impact": "Look-alike characters in a URL could be used to masquerade a website", "links": [ "http://support.apple.com/en-us/HT5190" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Eric Melville of American Express", "description": "Safari\u2019s Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active.", "id": "CVE-2012-0585", "impact": "Web page visits may be recorded in browser history even when Private Browsing is active", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "Multiple cross-site scripting issues existed in WebKit", "id": "CVE-2012-0586", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "Multiple cross-site scripting issues existed in WebKit", "id": "CVE-2012-0587", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Jochen Eisinger of Google Chrome Team", "description": "Multiple cross-site scripting issues existed in WebKit", "id": "CVE-2012-0588", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Alan Austin of polyvore.com", "description": "Multiple cross-site scripting issues existed in WebKit", "id": "CVE-2012-0589", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Adam Barth of Google Chrome Security Team", "description": "A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins.", "id": "CVE-2012-0590", "impact": "Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz, and Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0591", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Alexander Gavrun working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0592", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Lei Zhang of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0593", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Adam Klein of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0594", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0595", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0596", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0597", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0598", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Dmytro Gorbunov of SaveSources.com", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0599", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0600", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0601", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0602", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0603", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0604", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0605", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0606", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0607", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0608", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0609", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz, Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0610", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0611", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0612", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0613", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz, Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0614", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0615", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0616", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0617", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0618", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0619", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0620", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0621", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Dave Levin and Abhishek Arya of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0622", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0623", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0624", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Martin Barbella", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0625", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0626", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0627", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0628", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0629", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Sergio Villar Senin of Igalia", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0630", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0631", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Cris Neckar of the Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0632", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0633", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "wushi of team509 working with TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0634", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0635", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191", "http://support.apple.com/en-us/HT5192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Jeremy Apthorp of Google, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0636", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0637", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0638", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0639", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later" ], "credit": "nshah", "description": "An issue existed in the enforcement of its cookie policy. Third-party websites could set cookies if the \"Block Cookies\" preference in Safari was set to the default setting of \"From third parties and advertisers\".", "id": "CVE-2012-0640", "impact": "Cookies may be set by third-party sites, even when Safari is configured to block them", "links": [ "http://support.apple.com/en-us/HT5190" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers.", "id": "CVE-2012-0641", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5192" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "pod2g", "description": "An integer underflow existed in the handling of HFS catalog files.", "id": "CVE-2012-0642", "impact": "Mounting a maliciously crafted disk image may lead to a system shutdown or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5192", "http://support.apple.com/en-us/HT5281" ], "module": "HFS", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "iOS Jailbreak Dream Team", "description": "A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. This issue was addressed by disabling handling of addresses in PT_STEP and PT_CONTINUE. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-0643", "impact": "A malicious program could bypass sandbox restrictions", "links": [ "http://support.apple.com/en-us/HT5192", "http://support.apple.com/en-us/HT5501" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Roland Kohler of the German Federal Ministry of Economics and Technology", "description": "A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen.", "id": "CVE-2012-0644", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5192" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "", "description": "A design issue existed in Siri\u2019s lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen.", "id": "CVE-2012-0645", "impact": "An attacker with physical access to a locked phone could get access to frontmost email message", "links": [ "http://support.apple.com/en-us/HT5192" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "pod2g", "description": "A format string vulnerability existed in the handling of racoon configuration files.", "id": "CVE-2012-0646", "impact": "A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges", "links": [ "http://support.apple.com/en-us/HT5192" ], "module": "VPN", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later" ], "credit": "an anonymous researcher", "description": "If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site.", "id": "CVE-2012-0647", "impact": "HTTP authentication credentials may be inadvertently disclosed to another site", "links": [ "http://support.apple.com/en-us/HT5190" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit.", "id": "CVE-2012-0648", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5190", "http://support.apple.com/en-us/HT5191" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Aaron Sigel of vtty.com", "description": "A temporary file race condition issue existed in blued's initialization routine.", "id": "CVE-2012-0649", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8" ], "credit": "aazubel working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the DirectoryService Proxy. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion and Mountain Lion systems.", "id": "CVE-2012-0650", "impact": "If the DirectoryService Proxy is used, a remote attacker may cause a denial of service or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "DirectoryService", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "Agustin Azubel", "description": "Multiple issues existed in the directory server's handling of messages from the network. By sending a maliciously crafted message, a remote attacker could cause the directory server to disclose memory from its address space, potentially revealing account credentials or other sensitive information. This issue does not affect OS X Lion systems. The Directory Server is disabled by default in non-server installations of OS X.", "id": "CVE-2012-0651", "impact": "A remote attacker may obtain sensitive information", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Directory Service", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "OS X Lion v10.7.3, OS X Lion Server v10.7.3" ], "credit": "", "description": "The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented user passwords from being recorded in the system log, but did not remove the old log entries. This issue was addressed by deleting log files that contained passwords. This issue does not affect Mac OS X 10.6 or OS X Mountain Lion systems.", "id": "CVE-2012-0652", "impact": "Remote admins and persons with physical access to the system may obtain account information", "links": [ "http://support.apple.com/en-us/HT5281", "http://support.apple.com/en-us/HT5501" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Dirk-Willem van Gulik of WebWeaving.org, Guilherme Prado of Conselho da Justi\u00e7a Federal, Ryan Sleevi of Google", "description": "An uninitialized memory access issue existed in the handling of X.509 certificates.", "id": "CVE-2012-0654", "impact": "Verifying a maliciously crafted X.509 certificate, such as when visiting a maliciously crafted website, may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "libsecurity", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "Certificates signed using RSA keys with insecure key lengths were accepted by libsecurity. This issue is addressed by rejecting certificates containing RSA keys less than 1024 bits.", "id": "CVE-2012-0655", "impact": "Support for X.509 certificates with insecure-length RSA keys may expose users to spoofing and information disclosure", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "libsecurity", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Francisco G\u00f3mez (espectalll123)", "description": "A race condition existed in the handling of Guest user logins. This issue does not affect systems prior to OS X Lion.", "id": "CVE-2012-0656", "impact": "If the Guest user is enabled, a user with physical access to the computer may be able to log in to a user other than the Guest user without entering a password", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "LoginUIFramework", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Aaron Sigel of vtty.com", "description": "An access control issue existed in Quartz Composer's handling of screen savers. This issue is addressed through improved checking for whether or not the screen is locked.", "id": "CVE-2012-0657", "impact": "A user with physical access to the computer may be able to cause Safari to launch if the screen is locked and the RSS Visualizer screen saver is used", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Quartz Composer", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of audio sample tables. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-002.", "id": "CVE-2012-0658", "impact": "Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5281" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "An anonymous researcher working with HP's Zero Day Initiative", "description": "An integer overflow existed in the handling of MPEG files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-002.", "id": "CVE-2012-0659", "impact": "Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5281" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "Justin Kim at Microsoft and Microsoft Vulnerability Research (MSVR)", "description": "An integer underflow existed in QuickTime's handling of audio streams in MPEG files.", "id": "CVE-2012-0660", "impact": "Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5281" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "Damian Put working with HP's Zero Day Initiative", "description": "A use after free issue existed in the handling of JPEG2000 encoded movie files. This issue does not affect systems prior to OS X Lion. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.4.", "id": "CVE-2012-0661", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5281" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "aazubel working with HP's Zero Day Initiative", "description": "An integer overflow existed in the Security framework. Processing untrusted input with the Security framework could result in memory corruption. This issue does not affect 32-bit processes.", "id": "CVE-2012-0662", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Security Framework", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Alexander Gavrun working with HP's Zero Day Initiative", "description": "Multiple stack overflows existed in QuickTime's handling of TeXML files. These issues do not affect OS X systems.", "id": "CVE-2012-0663", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Alexander Gavrun working with HP's Zero Day Initiative", "description": "A heap overflow existed in QuickTime's handling of text tracks. This issue does not affect OS X systems.", "id": "CVE-2012-0664", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with HP's Zero Day Initiative", "description": "A heap buffer overflow existed in the handling of H.264 encoded movie files.", "id": "CVE-2012-0665", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "CHkr_D591 working with HP's Zero Day Initiative", "description": "A stack buffer overflow existed in the QuickTime plugin's handling of QTMovie objects. This issue does not affect OS X systems.", "id": "CVE-2012-0666", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Alin Rad Pop working with HP's Zero Day Initiative", "description": "A signedness issue existed in the handling of QTVR movie files. This issue does not affect OS X systems.", "id": "CVE-2012-0667", "impact": "Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Luigi Auriemma working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-0668", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5501" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Damian Put working with HP's Zero Day Initiative", "description": "A buffer overflow existed in QuickTime's handling of Sorenson encoded movie files. This issue does not affect OS X systems.", "id": "CVE-2012-0669", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "An integer overflow existed in QuickTime's handling of sean atoms. This issue was addressed through improved bounds checking. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-0670", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5501" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL)", "description": "A memory corruption issue existed in the handling of .pict files. This issue was addressed through improved validation of .pict files. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-0671", "impact": "Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5261", "http://support.apple.com/en-us/HT5501" ], "module": "QuickLook", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Adam Barth and Abhishek Arya of the Google Chrome Security Team", "description": "A memory corruption issue existed in WebKit.", "id": "CVE-2012-0672", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5278", "http://support.apple.com/en-us/HT5282", "http://support.apple.com/en-us/HT5318" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "David Vieira-Kurz of MajorSecurity (majorsecurity.net)", "description": "A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.", "id": "CVE-2012-0674", "impact": "A maliciously crafted website may be able to spoof the address in the location bar", "links": [ "http://support.apple.com/en-us/HT5278" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "Renaud Deraison of Tenable Network Security, Inc.", "description": "The user may designate a Time Capsule or remote AFP volume attached to an AirPort Base Station to be used for Time Machine backups. Beginning with AirPort Base Station and Time Capsule Firmware Update 7.6, Time Capsules and Base Stations support a secure SRP-based authentication mechanism over AFP. However, Time Machine did not require that the SRP-based authentication mechanism was used for subsequent backup operations, even if Time Machine was initially configured or had ever contacted a Time Capsule or Base Station that supported it. An attacker who is able to spoof the remote volume could gain access to user's Time Capsule credentials, although not backup data, sent by the user's system. This issue is addressed by requiring use of the SRP-based authentication mechanism if the backup destination has ever supported it.", "id": "CVE-2012-0675", "impact": "A remote attacker may access a user's Time Machine backup credentials", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4, Windows 7, Vista, XP SP2 or later" ], "credit": "Andreas \u00c5kre Solberg of UNINETT AS, Aaron Roots of Deakin University ITSD, Tyler Goen", "description": "A state tracking issue existed in WebKit's handling of forms.", "id": "CVE-2012-0676", "impact": "A maliciously crafted website may be able to populate form inputs on another website with arbitrary values", "links": [ "http://support.apple.com/en-us/HT5282" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.5.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Gjoko Krstic of Zero Science Lab", "description": "A heap buffer overflow existed in the handling of .m3u playlists.", "id": "CVE-2012-0677", "impact": "Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5318" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "Masato Kinugawa", "description": "A cross-site scripting issue existed in the handling of feed:// URLs. This update removes handling of feed:// URLs.", "id": "CVE-2012-0678", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "Aaron Sigel of vtty.com", "description": "An access control issue existed in the handling of feed:// URLs. This update removes handling of feed:// URLs.", "id": "CVE-2012-0679", "impact": "Visiting a maliciously crafted website may cause files from the user's system to be sent to a remote server", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Dan Poltawski of Moodle", "description": "Password input elements with the autocomplete attribute set to \"off\" were being autocompleted. This issue was addressed through improved handling of the autocomplete attribute.", "id": "CVE-2012-0680", "impact": "Passwords may autocomplete even when the site specifies that autocomplete should be disabled", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Remote Desktop 3.0 or later" ], "credit": "Mark S. C. Smith studying at Central Connecticut State University", "description": "When connecting to a third-party VNC server with \"Encrypt all network data\" set, data is not encrypted and no warning is produced. This issue is addressed by creating an SSH tunnel for the VNC connection in this configuration, and preventing the connection if the SSH tunnel cannot be created. This issue does not affect Apple Remote Desktop 3.5.1 and earlier.", "id": "CVE-2012-0681", "impact": "Connecting to a third-party VNC server with \"Encrypt all network data\" set may lead to information disclosure", "links": [ "http://support.apple.com/en-us/HT5433", "http://support.apple.com/en-us/HT5462" ], "module": "Apple Remote Desktop", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-0682", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Dave Mandelin of Mozilla", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-0683", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3" ], "credit": "", "description": "PHP is updated to version 5.3.10 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-0830", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-0831", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "Andy Davis of NGS Secure", "description": "Multiple buffer overflows existed in Samba's handling of remote procedure calls. By sending a maliciously crafted packet, an unauthenticated remote attacker could cause a denial of service or arbitrary code execution with system privileges. These issues do not affect OS X Lion systems.", "id": "CVE-2012-0870", "impact": "If SMB file sharing is enabled, an unauthenticated remote attacker may cause a denial of service or arbitrary code execution with system privileges", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Samba", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1126", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1127", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1128", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1129", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1130", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1131", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1132", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1133", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1134", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1135", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1136", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1137", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1138", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1139", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1140", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1141", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1142", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1143", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/", "id": "CVE-2012-1144", "impact": "Multiple vulnerabilities in FreeType", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-1172", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Alexander Gavrun working with HP's Zero Day Initiative", "description": "An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-1173", "impact": "Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "An anonymous researcher working with HP's Zero Day Initiative", "description": "Multiple buffer overflows existed in Samba's handling of remote procedure calls. By sending a maliciously crafted packet, an unauthenticated remote attacker could cause a denial of service or arbitrary code execution with system privileges. These issues do not affect OS X Lion systems.", "id": "CVE-2012-1182", "impact": "If SMB file sharing is enabled, an unauthenticated remote attacker may cause a denial of service or arbitrary code execution with system privileges", "links": [ "http://support.apple.com/en-us/HT5281" ], "module": "Samba", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-1520", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-1521", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-1531", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-1532", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-1533", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": "A memory management issue existed in the handling of DNS records. This issue was addressed by updating to BIND 9.7.6-P1 on OS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems.", "id": "CVE-2012-1667", "impact": "A remote attacker may be able to cause a denial of service, data corruption, or obtain sensitive information from process memory in systems configured to run BIND as a DNS nameserver", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1711", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1713", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1716", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1718", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1719", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1721", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1722", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1723", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1724", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "", "description": "Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at", "id": "CVE-2012-1725", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5319" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-1823", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-2143", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-2311", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-2386", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "", "description": ">PHP is updated to version 5.3.15 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at", "id": "CVE-2012-2688", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory", "description": "A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue was addressed through improved origin tracking.", "id": "CVE-2012-2815", "impact": "Visiting a maliciously crafted website may lead to a cross-site disclosure of information", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2817", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2818", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2829", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2831", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2842", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2843", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-3143", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-3159", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-3216", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "PostgreSQL is updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at", "id": "CVE-2012-3488", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5533" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "PostgreSQL is updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at", "id": "CVE-2012-3489", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5533" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "An issue existed in the Jabber server's handling of dialback result messages. An attacker may cause the Jabber server to disclose information intended for users of federated servers. This issue was addressed through improved handling of dialback result messages.", "id": "CVE-2012-3525", "impact": "A remote attacker may reroute federated Jabber messages", "links": [ "http://support.apple.com/en-us/HT5533" ], "module": "Messages Server", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Dave Mandelin of Mozilla", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3589", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3590", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3591", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3592", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3593", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3594", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3595", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3596", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3597", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3598", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3599", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "David Levin of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3600", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of the Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3601", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3602", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3603", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3604", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Cris Neckar of the Google Chrome Security team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3605", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3606", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3607", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3608", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3609", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3610", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3611", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3612", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3613", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Yong Li of Research In Motion, Inc.", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3614", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Stephen Chenney of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3615", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3616", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3617", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3618", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3620", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3621", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3622", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3623", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3624", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3625", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3626", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined and Abhishek Arya (Inferno) of Google Chrome Security team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3627", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3628", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3629", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3630", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3631", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3632", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3633", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3634", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3635", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3636", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3637", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3638", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3639", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3640", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Slawomir Blazek", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3641", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3642", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3643", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3644", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3645", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3646", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3647", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3648", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3649", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "An uninitialized memory access issue existed in the handling of SVG images. This issue was addressed through improved memory initialization.", "id": "CVE-2012-3650", "impact": "Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya and Martin Barbella of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3651", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3652", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3653", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3654", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3655", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3656", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3657", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3658", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3659", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3660", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3661", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3663", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Thomas Sepez of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3664", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Martin Barbella of Google Chrome Security Team using AddressSanitizer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3665", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3666", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Trevor Squires of propaneapp.com", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3667", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3668", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3669", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team, Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3670", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined and Martin Barbella of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3671", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3672", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3673", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3674", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3675", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Julien Chaffraix of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3676", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3677", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3678", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Chris Leary of Mozilla", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3679", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3680", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3681", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Adam Barth of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3682", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "wushi of team509 working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3683", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "kuzzcc", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3684", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3685", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Robin Cao of Torch Mobile (Beijing)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3686", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "kuzzcc", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3687", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3688", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "David Bloom of Cue", "description": "A cross-origin issue existed in the handling of drag and drop events. This issue is addressed through improved origin tracking.", "id": "CVE-2012-3689", "impact": "Dragging and dropping selected text on a web page may lead to a cross-site information disclosure", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "David Bloom of Cue", "description": "An access control issue existed in the handling of drag and drop events. This issue is addressed through improved origin tracking.", "id": "CVE-2012-3690", "impact": "Dragging and dropping selected text on a web page may cause files from the user's system to be sent to a remote server", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2" ], "credit": "Apple", "description": "A cross-origin issue existed in the handling of CSS property values. This issue was addressed through improved origin tracking.", "id": "CVE-2012-3691", "impact": "Visiting a maliciously crafted website may lead to a cross-site disclosure of information", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team, Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3692", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Matt Cooley of Symantec", "description": "The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue was addressed by supplementing WebKit's list of known look-alike characters. Look-alike characters are rendered in Punycode in the address bar.", "id": "CVE-2012-3693", "impact": "Look-alike characters in a URL could be used to masquerade a website", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4" ], "credit": "Daniel Cheng of Google, Aaron Sigel of vtty.com", "description": "An information disclosure issue existed in the handling of dragged files. This issue is addressed through improved handling of dragged files.", "id": "CVE-2012-3694", "impact": "Dragging and dropping a file to Safari may reveal the filesystem path of the file to the website", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Masato Kinugawa", "description": "A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue was addressed through improved canonicalization of URLs.", "id": "CVE-2012-3695", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, OS X Lion Server v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "David Belcher of the BlackBerry Security Incident Response Team", "description": "An HTTP header injection issue existed in the handling of WebSockets. This issue was addressed through improved WebSockets URI sanitization.", "id": "CVE-2012-3696", "impact": "Visiting a maliciously crafted website may lead to HTTP request splitting", "links": [ "http://support.apple.com/en-us/HT5400", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4, Lion Server v10.7.4" ], "credit": "Aaron Sigel of vtty.com", "description": "An access control issue existed in the handling of file URLs. An attacker who gains arbitrary code execution in a Safari WebProcess may be able to bypass the sandbox and access any file that the user running Safari has access to. This issue is addressed through improved handling of file URLs.", "id": "CVE-2012-3697", "impact": "An attacker may be able to escape the sandbox and access any file the current user has access to", "links": [ "http://support.apple.com/en-us/HT5400" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.4 and later" ], "credit": "", "description": "All signed programs contain a designated requirement (DR) which states, from the perspective of the developer of the program, what constraints a program needs to satisfy in order to be considered an instance of this program. When a Developer ID was used with Xcode to sign a product that did not have a bundle identifier, such as a command-line tool or an embedded helper, the generated DR for the product did not include the developer's ID in the part of the DR that applies to apps signed by the App Store. As a result, any App Store app may have accessed keychain items created by the product. This is addressed by generating a DR with improved checks. Affected products need to be re-signed with this version of Xcode to include the improved DR.", "id": "CVE-2012-3698", "impact": "Helper tools built with Xcode allow any App Store application to read their keychain entries", "links": [ "http://support.apple.com/en-us/HT5416" ], "module": "Xcode", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3699", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3700", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3701", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3702", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3703", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3704", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3705", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3706", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3707", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3708", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3709", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "James Robinson of Google", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3710", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502", "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3711", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3712", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5485", "http://support.apple.com/en-us/HT5502" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "Aaron Sigel of vtty.com, Masahiro Yamada", "description": "In OS X Mountain Lion HTML files were removed from the unsafe type list. Quarantined HTML documents are opened in a safe mode that prevents accessing other local or remote resources. A logic error in Safari's handling of the Quarantine attribute caused the safe mode not to be triggered on Quarantined files. This issue was addressed by properly detecting the existence of the Quarantine attribute.", "id": "CVE-2012-3713", "impact": "Opening a maliciously crafted downloaded HTML document may lead to the disclosure of local file content", "links": [ "http://support.apple.com/en-us/HT5502" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "Jonathan Hogervorst of Buzzera", "description": "A rare condition existed in the handling of Form Autofill. Using Form Autofill on a maliciously crafted website may have led to disclosure of information from the Address Book \"Me\" card that was not included in the Autofill popover. This issue was addressed by limiting Autofill to the fields contained in the popover.", "id": "CVE-2012-3714", "impact": "Using Autofill on a maliciously crafted website may lead to the disclosure of contact information", "links": [ "http://support.apple.com/en-us/HT5502" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "Aaron Rhoads of East Watch Services LLC, Pepi Zawodsky", "description": "A logic issue existed in the handling of HTTPS URLs in the address bar. If a portion of the address was edited by pasting text, the request may be unexpectedly sent over HTTP. This issue was addressed by improved handling of HTTPS URLs.", "id": "CVE-2012-3715", "impact": "After editing a HTTPS URL in the address bar, a request may be unexpectedly sent over HTTP", "links": [ "http://support.apple.com/en-us/HT5502" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "Jesse Ruderman of Mozilla Corporation", "description": "A bounds checking issue existed in the handling of text glyphs, which may lead to out of bounds memory reads or writes. This issue was addressed through improved bounds checking. This issue does not affect Mac OS X v10.6 or OS X Mountain Lion systems.", "id": "CVE-2012-3716", "impact": "Applications that use CoreText may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "Adam Gowdiak of Security Explorations", "description": "A privilege escalation issue existed in the JAI API. An unsigned applet may have been able to execute arbitrary code. This issue was addressed by preventing the JAI and J3D APIs from being used by unsigned applets.", "id": "CVE-2012-3717", "impact": "Visiting a maliciously crafted website with Java enabled may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5473" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "Lukhnos Liu", "description": "A user-installed input method could intercept password keystrokes from Login Window or Screen Saver Unlock. This issue was addressed by preventing user-installed methods from being used when the system is handling login information.", "id": "CVE-2012-3718", "impact": "A local user may be able to obtain other user's login passwords", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "LoginWindow", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "Will Dormann of the CERT/CC", "description": "An input validation error existed in Mail's handling of embedded web plugins. This issue was addressed by disabling third-party plug-ins in Mail. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-3719", "impact": "Viewing an e-mail message may lead to execution of web plugins", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 and v10.8.1" ], "credit": "Harald Wagener of Google, Inc.", "description": "Creating a mobile account saved a hash of the password in the account, which was used to login when the mobile account was used as an external account. The password hash could be used to determine the user's password. This issue was addressed by creating the password hash only if external accounts are enabled on the system where the mobile account is created.", "id": "CVE-2012-3720", "impact": "A user with access to the contents of a mobile account may obtain the account password", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Mobile Accounts", "rsr": "", "update": "" }, { "available": [ "OS X Lion Server v10.7 to v10.7.4" ], "credit": "Derick Cassidy of XEquals Corporation", "description": "An authentication issue existed in the Device Management private interface. This issue was addressed by removing the interface.", "id": "CVE-2012-3721", "impact": "An unauthenticated user could enumerate managed devices", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Will Dormann of the CERT/CC", "description": "An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-3722", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501", "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4" ], "credit": "Andy Davis of NGS Secure", "description": "A memory corruption issue existed in the handling of USB hub descriptors. This issue was addressed through improved handling of the bNbrPorts descriptor field. This issue does not affect OS X Mountain Lion systems.", "id": "CVE-2012-3723", "impact": "Attaching a USB device may lead to an unexpected system termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5501" ], "module": "USB", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Erling Ellingsen of Facebook", "description": "An issue existed in CFNetwork's handling of malformed URLs. CFNetwork may send requests to an incorrect hostname, resulting in the disclosure of sensitive information. This issue was addressed through improvements to URL handling.", "id": "CVE-2012-3724", "impact": "Visiting a maliciously crafted website may lead to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Mark Wuergler of Immunity, Inc.", "description": "Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks.", "id": "CVE-2012-3725", "impact": "A malicious Wi-Fi network may be able to determine networks a device has previously accessed", "links": [ "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "DHCP", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Phil of PKJE Consulting", "description": "A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management.", "id": "CVE-2012-3726", "impact": "Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5503", "http://support.apple.com/en-us/HT5504" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "iOS Jailbreak Dream Team", "description": "A buffer overflow existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3727", "impact": "Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "IPSec", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "iOS Jailbreak Dream Team", "description": "An invalid pointer dereference issue existed in the kernel's handling of packet filter ioctls. This may allow an attacker to alter kernel memory. This issue was addressed through improved error handling.", "id": "CVE-2012-3728", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Dan Rosenberg", "description": "An uninitialized memory access issue existed in the Berkeley Packet Filter interpreter, which led to the disclosure of memory content. This issue was addressed through improved memory initialization.", "id": "CVE-2012-3729", "impact": "A local user may be able to determine kernel memory layout", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Angelo Prado of the salesforce.com Product Security Team", "description": "A logic issue existed in Mail's handling of attachments. If a subsequent mail attachment used the same Content-ID as a previous one, the previous attachment would be displayed, even in the case where the 2 mails originated from different senders. This could facilitate some spoofing or phishing attacks. This issue was addressed through improved handling of attachments.", "id": "CVE-2012-3730", "impact": "Mail may present the wrong attachment in a message", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Stephen Prairie of Travelers Insurance, Erich Stuntebeck of AirWatch", "description": "A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments.", "id": "CVE-2012-3731", "impact": "Email attachments may be read without user's passcode", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "An anonymous researcher.", "description": "S/MIME signed messages displayed the untrusted 'From' address, instead of the name associated with the message signer's identity. This issue was addressed by displaying the address associated with the message signer's identity when it is available.", "id": "CVE-2012-3732", "impact": "An attacker may spoof the sender of a S/MIME signed message", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Rodney S. Foley of Gnomesoft, LLC", "description": "When a user had multiple email addresses associated with iMessage, replying to a message may have resulted in the reply being sent from a different email address. This may disclose another email address associated to the user's account. This issue was addressed by always replying from the email address the original message was sent to.", "id": "CVE-2012-3733", "impact": "A user may unintentionally disclose the existence of their email addresses", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Salvatore Cataudella of Open Systems Technologies", "description": "An information disclosure issue existed in the support for viewing Microsoft Office files. When viewing a document, the Office Viewer would write a temporary file containing data from the viewed document to the temporary directory of the invoking process. For an application that uses data protection or other encryption to protect the user\u2019s files, this could lead to information disclosure. This issue was addressed by avoiding creation of temporary files when viewing Office documents.", "id": "CVE-2012-3734", "impact": "Unencrypted document data may be written to a temporary file", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Office Viewer", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Chris Lawrence DBB", "description": "A logic issue existed with the display of the \"Slide to Power Off\" slider on the lock screen. This issue was addressed through improved lock state management.", "id": "CVE-2012-3735", "impact": "A person with physical access to the device could briefly view the last used third-party app on a locked device", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Ian Vitek of 2Secure AB", "description": "A logic issue existed in the termination of FaceTime calls from the lock screen. This issue was addressed through improved lock state management.", "id": "CVE-2012-3736", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Ade Barkah of BlueWax Inc.", "description": "A design issue existed in the support for viewing photos that were taken at the lock screen. In order to determine which photos to permit access to, the passcode lock consulted the time at which the device was locked and compared it to the time that a photo was taken. By spoofing the current time, an attacker could gain access to photos that were taken before the device was locked. This issues was addressed by explicitly keeping track of the photos that were taken while the device was locked.", "id": "CVE-2012-3737", "impact": "All photos may be accessible at the lock screen", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Ade Barkah of BlueWax Inc.", "description": "A logic issue existed in the Emergency Dialer screen, which permitted FaceTime calls via Voice Dialing on the locked device. This could also disclose the user's contacts via contact suggestions. This issue was addressed by disabling Voice Dialing on the Emergency Dialer screen.", "id": "CVE-2012-3738", "impact": "A person with physical access to a locked device may perform FaceTime calls", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ)", "description": "Using the camera from the screen lock could in some cases interfere with automatic lock functionality, allowing a person with physical access to the device to bypass the Passcode Lock screen. This issue was addressed through improved lock state management.", "id": "CVE-2012-3739", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Ian Vitek of 2Secure AB", "description": "A state management issue existed in the handling of the screen lock. This issue was addressed through improved lock state management.", "id": "CVE-2012-3740", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Kevin Makens of Redwood High School", "description": "After disabling Restrictions, iOS may not ask for the user's password during a transaction. This issue was addressed by additional enforcement of purchase authorization.", "id": "CVE-2012-3741", "impact": "A user may be able to make purchases without entering Apple ID credentials", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Restrictions", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Boku Kihara of Lepidum", "description": "Websites could use a Unicode character to create a lock icon in the page title. This icon was similar in appearance to the icon used to indicate a secure connection, and could have lead the user to believe a secure connection had been established. This issue was addressed by removing these characters from page titles.", "id": "CVE-2012-3742", "impact": "Websites may use characters with an appearance similar to the lock icon in their titles", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "Sandboxed apps had read access to /var/log directory, which may allow them to obtain sensitive information contained in system logs. This issue was addressed by denying sandboxed apps access to the /var/log directory.", "id": "CVE-2012-3743", "impact": "Sandboxed apps may obtain system log content", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "System Logs", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "pod2g", "description": "Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address.", "id": "CVE-2012-3744", "impact": "An SMS message may appear to have been sent by an arbitrary user", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "pod2g", "description": "An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3745", "impact": "An SMS message may disrupt cellular connectivity", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Ben Smith of Box", "description": "Applications that use UIWebView may leave unencrypted files on the file system even when a passcode is enabled. This issue was addressed through improved use of data protection.", "id": "CVE-2012-3746", "impact": "An attacker that gains access to a device's filesystem may be able to read files that were being displayed in a UIWebView", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "David Bloom of Cue", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3747", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5503" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative", "description": "A time of check to time of use issue existed in the handling of JavaScript arrays. This issue was addressed through additional validation of JavaScript arrays.", "id": "CVE-2012-3748", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5567", "http://support.apple.com/en-us/HT5568", "http://support.apple.com/en-us/HT5598" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Mark Dowd of Azimuth Security, Eric Monti of Square, and additional anonymous researchers", "description": "An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them.", "id": "CVE-2012-3749", "impact": "Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel", "links": [ "http://support.apple.com/en-us/HT5567", "http://support.apple.com/en-us/HT5598" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Anton Tsviatkou", "description": "A state management issue existed in the handling of Passbook passes at the lock screen. This issue was addressed through improved handling of Passbook passes.", "id": "CVE-2012-3750", "impact": "A person with physical access to the device may be able to access Passbook passes without entering a passcode", "links": [ "http://support.apple.com/en-us/HT5567" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "chkr_d591 working with iDefense VCP", "description": "A use after free issue existed in the QuickTime plugin's handling of '_qtactivex_' parameters within a HTML object element. This issue was addressed through improved memory handling.", "id": "CVE-2012-3751", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Arezou Hosseinzad-Amirkhizi, Vulnerability Research Team, TELUS Security Labs", "description": "Multiple buffer overflows existed in the handling of style elements in QuickTime TeXML files. These issues were addressed through improved bounds checking.", "id": "CVE-2012-3752", "impact": "Viewing a maliciously crafted QuickTime TeXML file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Pavel Polischouk, Vulnerability Research Team, TELUS Security Labs", "description": "A buffer overflow existed in the QuickTime plugin's handling of MIME types. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3753", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "CHkr_d591 working with iDefense VCP", "description": "A use after free issue existed in the QuickTime ActiveX control's handling of the Clear() method. This issue was addressed through improved memory management.", "id": "CVE-2012-3754", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Senator of Pirates", "description": "A buffer overflow existed in the handling of Targa image files. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3755", "impact": "Viewing a maliciously crafted Targa file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Kevin Szkudlapski of QuarksLab", "description": "A buffer overflow existed in the handling of 'rnet' boxes in MP4 files. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3756", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Jeremy Brown at Microsoft and Microsoft Vulnerability Research (MSVR)", "description": "A memory corruption issue existed in the handling of PICT files. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3757", "impact": "Viewing a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Alexander Gavrun working with HP TippingPoint's Zero Day Initiative", "description": "A buffer overflow existed in the handling of the transform attribute in text3GTrack elements. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3758", "impact": "Viewing a maliciously crafted QuickTime TeXML file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5581" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-4416", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5068", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5069", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5071", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5072", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5073", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5075", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5077", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5079", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5081", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5083", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5084", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5086", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at", "id": "CVE-2012-5089", "impact": "Multiple vulnerabilities in Java 1.6.0_35", "links": [ "http://support.apple.com/en-us/HT5549" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Pinkie Pie working with Google's Pwnium 2 contest", "description": "A use after free issue existed in the handling of SVG images. This issue was addressed through improved memory handling.", "id": "CVE-2012-5112", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5567", "http://support.apple.com/en-us/HT5568" ], "module": "WebKit", "rsr": "", "update": "" } ] ================================================ FILE: 2012/README.md ================================================ # Apple CVE 2012 * data source: https://support.apple.com/en-us/HT201222 * [2012.json](2012.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 264 | | 2 | Java | 45 | | 3 | QuickTime | 29 | | 4 | PHP | 20 | | 5 | CoreGraphics | 19 | | 6 | Safari | 10 | | 7 | ImageIO | 8 | | 8 | Passcode Lock | 8 | | 9 | Apache | 7 | | 10 | SquirrelMail | 5 | | 11 | Kernel | 5 | | 12 | Ruby | 4 | | 13 | libxml | 4 | | 14 | CFNetwork | 4 | | 15 | Mail | 4 | | 16 | Subversion | 3 | | 17 | libsecurity | 3 | | 18 | libarchive | 2 | | 19 | curl | 2 | | 20 | CoreText | 2 | | 21 | Time Machine | 2 | | 22 | BIND | 2 | | 23 | Samba | 2 | | 24 | PostgreSQL | 2 | | 25 | Telephony | 2 | | 26 | ColorSync | 1 | | 27 | Tomcat | 1 | | 28 | X11 | 1 | | 29 | Webmail | 1 | | 30 | CoreAudio | 1 | | 31 | Safari Downloads | 1 | | 32 | Libinfo | 1 | | 33 | Address Book | 1 | | 34 | ATS | 1 | | 35 | CoreMedia | 1 | | 36 | CoreUI | 1 | | 37 | Internet Sharing | 1 | | 38 | libresolv | 1 | | 39 | OpenGL | 1 | | 40 | WebDAV Sharing | 1 | | 41 | International Components for Unicode | 1 | | 42 | HFS | 1 | | 43 | Siri | 1 | | 44 | VPN | 1 | | 45 | Bluetooth | 1 | | 46 | DirectoryService | 1 | | 47 | Directory Service | 1 | | 48 | Installer | 1 | | 49 | LoginUIFramework | 1 | | 50 | Quartz Composer | 1 | | 51 | Security Framework | 1 | | 52 | QuickLook | 1 | | 53 | iTunes | 1 | | 54 | Apple Remote Desktop | 1 | | 55 | Messages Server | 1 | | 56 | Xcode | 1 | | 57 | LoginWindow | 1 | | 58 | Mobile Accounts | 1 | | 59 | Profile Manager | 1 | | 60 | USB | 1 | | 61 | DHCP | 1 | | 62 | IPSec | 1 | | 63 | Messages | 1 | | 64 | Office Viewer | 1 | | 65 | Restrictions | 1 | | 66 | System Logs | 1 | | 67 | UIKit | 1 | ================================================ FILE: 2013/2013.json ================================================ [ { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-1945", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marc Heuse", "description": "An attacker on a local network can send specially crafted IPv6 ICMP packets and cause high CPU load. The issue was addressed by rate limiting ICMP packets before verifying their checksum.", "id": "CVE-2011-2391", "impact": "An attacker on a local network can cause a denial of service", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Masato Kinugawa", "description": "A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table.", "id": "CVE-2011-3058", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5672" ], "module": "International Components for Unicode", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "J\u00fcri Aedla", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2011-3102", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-3207", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-3210", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Only the SSLv3 and TLS 1.0 versions of SSL were used. These versions are subject to a protocol weakness when using block ciphers. A man-in-the-middle attacker could have injected invalid data, causing the connection to close but revealing some information about the previous data. If the same connection was attempted repeatedly the attacker may eventually have been able to decrypt the data being sent, such as a password. This issue was addressed by enabling TLS 1.2.", "id": "CVE-2011-3389", "impact": "An attacker could decrypt part of a SSL connection", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "CFNetwork SSL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Certificates signed using the MD5 hash algorithm were accepted by OS X. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. This update disables support for an X.509 certificate with an MD5 hash for any use other than as a trusted root certificate.", "id": "CVE-2011-3427", "impact": "Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-4108", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-4109", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-4576", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-4577", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2011-4619", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in python 2.7.2, the most serious of which may lead to decryption of the content of a SSL connection. This update addresses the issues by updating python to version 2.7.5. Further information is available via the python site at", "id": "CVE-2011-4944", "impact": "Multiple vulnerabilities in python 2.7", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2012-0050", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-0841", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in python 2.7.2, the most serious of which may lead to decryption of the content of a SSL connection. This update addresses the issues by updating python to version 2.7.5. Further information is available via the python site at", "id": "CVE-2012-0845", "impact": "Multiple vulnerabilities in python 2.7", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in python 2.7.2, the most serious of which may lead to decryption of the content of a SSL connection. This update addresses the issues by updating python to version 2.7.5. Further information is available via the python site at", "id": "CVE-2012-0876", "impact": "Multiple vulnerabilities in python 2.7", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24.", "id": "CVE-2012-0883", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in python 2.7.2, the most serious of which may lead to decryption of the content of a SSL connection. This update addresses the issues by updating python to version 2.7.5. Further information is available via the python site at", "id": "CVE-2012-1150", "impact": "Multiple vulnerabilities in python 2.7", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "", "description": "A buffer overflow existed in libtiff's handling of TIFF images. This issue was addressed through additional validation of TIFF images.", "id": "CVE-2012-2088", "impact": "Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2012-2110", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2012-2131", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at", "id": "CVE-2012-2333", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation", "iPhone 3GS, iPhone 4, iPod touch (4th generation), iPad 2" ], "credit": "Andres Blanco and Matias Eissler of Core Security", "description": "An out of bounds read issue exists in Broadcom's BCM4325 and BCM4329 firmware's handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements.", "id": "CVE-2012-2619", "impact": "A remote attacker on the same Wi-Fi network may be able to temporarily disable Wi-Fi", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5643" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y.", "id": "CVE-2012-2686", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24.", "id": "CVE-2012-2687", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "J\u00fcri Aedla", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-2807", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2824", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2825", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Arthur Gerkis", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-2857", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2870", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs, Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2871", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Sergey Glazunov", "description": "A cross-site scripting issue existed in the handling of frame elements. This issue was addressed through improved origin tracking.", "id": "CVE-2012-2889", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2012-3213", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2012-3342", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server 10.6.8, OS X Lion Server v10.7 to v10.7.5" ], "credit": "", "description": "PostgreSQL was updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at", "id": "CVE-2012-3488", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server 10.6.8, OS X Lion Server v10.7 to v10.7.5" ], "credit": "", "description": "PostgreSQL was updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at", "id": "CVE-2012-3489", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24.", "id": "CVE-2012-3499", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server 10.6.8, OS X Lion Server v10.7 to v10.7.5" ], "credit": "", "description": "An issue existed in the Jabber server's handling of dialback result messages. An attacker may cause the Jabber server to disclose information intended for users of federated servers. This issue was addressed through improved handling of dialback result messages.", "id": "CVE-2012-3525", "impact": "A remote attacker may reroute federated Jabber messages", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Messages Server", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later" ], "credit": "", "description": "A buffer overflow existed in FreeRADIUS when parsing the 'not after' timestamp in a client certificate, when using TLS-based EAP methods. This issue was addressed by updating FreeRADIUS to version 2.2.0.", "id": "CVE-2012-3547", "impact": "A remote attacker may be able to cause a denial of service or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5999" ], "module": "FreeRADIUS", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3606", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3607", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Skylined of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3621", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3632", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "kuzzcc", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3687", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-3701", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "Windows 7, Vista, XP SP2 or later" ], "credit": "Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in JavaScriptCore's JSArray::sort() method. These issues were addressed through additional bounds checking.", "id": "CVE-2012-3748", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5921" ], "module": "JavaScriptCore", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Mark Dowd of Azimuth Security, Eric Monti of Square, and additional anonymous researchers", "description": "An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them.", "id": "CVE-2012-3749", "impact": "Maliciously crafted or compromised applications may be able to determine addresses in the kernel", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Kevin Szkudlapski of QuarksLab", "description": "A buffer overflow existed in the handling of 'rnet' boxes in MP4 files. This issue was addressed through improved bounds checking.", "id": "CVE-2012-3756", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems.", "id": "CVE-2012-3817", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Bind", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems.", "id": "CVE-2012-4244", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Bind", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24.", "id": "CVE-2012-4558", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "Juliano Rizzo and Thai Duong", "description": "There were known attacks on the confidentiality of TLS 1.0 when compression was enabled. This issue was addressed by disabling compression in OpenSSL.", "id": "CVE-2012-4929", "impact": "An attacker may be able to decrypt data protected by SSL", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Pinkie Pie working with Google's Pwnium 2 contest", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2012-5112", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (J\u00fcri Aedla)", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-5134", "impact": "Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems.", "id": "CVE-2012-5166", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Bind", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "A privilege escalation issue existed in the handling of CUPS configuration via the CUPS web interface. A local user in the lpadmin group may be able to read or write arbitrary files with system privileges. This issue was addressed by moving certain configuration directives to cups-files.conf, which can not be modified from the CUPS web interface.", "id": "CVE-2012-5519", "impact": "A local user in the lpadmin group may be able to read or write arbitrary files with system privileges", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems.", "id": "CVE-2012-5688", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Bind", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.", "id": "CVE-2013-0155", "impact": "Multiple vulnerabilities in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X Server 10.6.8", "Mac OS X Server 10.6.8, OS X Lion Server v10.7 to v10.7.5", "OS X Lion Server v10.7 to v10.7.5", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "A type casting issue existed in Ruby on Rails' handling of XML parameters. This issue was addressed by disabling XML parameters in the Rails implementation used by Podcast Producer Server.", "id": "CVE-2013-0156", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5644", "http://support.apple.com/en-us/HT5672" ], "module": "Podcast Producer Server", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y.", "id": "CVE-2013-0166", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4", "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y.", "id": "CVE-2013-0169", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "http://support.apple.com/en-us/HT5666", "http://support.apple.com/en-us/HT5880" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in curl, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating curl to version 7.30.0", "id": "CVE-2013-0249", "impact": "Multiple vulnerabilities in curl", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later" ], "credit": "", "description": "The JSON Ruby Gem permanently allocated memory when parsing certain constructs in its input. An attacker could exploit this to use all available memory leading to a denial of service. This issue was addressed through additional validation of JSON data.", "id": "CVE-2013-0269", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "http://support.apple.com/en-us/HT5999" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.", "id": "CVE-2013-0276", "impact": "Multiple vulnerabilities in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.", "id": "CVE-2013-0277", "impact": "Multiple vulnerabilities in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.4 or later" ], "credit": "", "description": "When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.", "id": "CVE-2013-0308", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information", "links": [ "http://support.apple.com/en-us/HT5937" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "OS X Lion Server v10.7 to v10.7.5", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.", "id": "CVE-2013-0333", "impact": "Multiple vulnerabilities in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5644", "http://support.apple.com/en-us/HT5672", "http://support.apple.com/en-us/HT5784" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0351", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0409", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0419", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0423", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0424", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0425", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0426", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0427", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0428", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0429", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0432", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0433", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0434", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0435", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0438", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0440", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0441", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0442", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0443", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0445", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0446", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-0450", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_41, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_43. Further information is available via the Java website at", "id": "CVE-2013-0809", "impact": "Multiple vulnerabilities in Java 1.6.0_41", "links": [ "http://support.apple.com/en-us/HT5677" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0879", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Nils and Jon from MWR Labs working with HP TippingPoint's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0912", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5701", "http://support.apple.com/en-us/HT5704", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Aditya Gupta, Subho Halder, and Dev Kar of xys3c (xysec.com)", "description": "A cross-site scripting issue existed in the handling of copied and pasted data in HTML documents. This issue was addressed through additional validation of pasted content.", "id": "CVE-2013-0926", "impact": "Copying and pasting a malicious HTML snippet may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0948", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0949", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0950", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0951", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0952", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0953", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0954", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0955", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Apple Product Security", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0956", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University", "description": "A privilege separation issue existed in Data Protection. An app within the third-party sandbox could repeatedly attempt to determine the user's passcode regardless of the user's \"Erase Data\" setting. This issue was addressed by requiring additional entitlement checks.", "id": "CVE-2013-0957", "impact": "Apps could bypass passcode-attempt restrictions", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Data Protection", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0958", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Abhishek Arya (Inferno) of the Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0959", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0960", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "Windows 7, Vista, XP SP2 or later" ], "credit": "wushi of team509 working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0961", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5671", "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Mario Heiderich of Cure53", "description": "A cross-site scripting issue existed in the handling of content pasted from a different origin. This issue was addressed through additional validation of pasted content.", "id": "CVE-2013-0962", "impact": "Copying and pasting content on a malicious website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5671" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "", "description": "An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string.", "id": "CVE-2013-0963", "impact": "Authentication relying on certificate-based Apple ID authentication may be bypassed", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5672" ], "module": "Identity Services", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Mark Dowd of Azimuth Security", "description": "The iOS kernel has checks to validate that the user-mode pointer and length passed to the copyin and copyout functions would not result in a user-mode process being able to directly access kernel memory. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout.", "id": "CVE-2013-0964", "impact": "A user-mode process may be able to access the first page of kernel memory", "links": [ "http://support.apple.com/en-us/HT5642", "http://support.apple.com/en-us/HT5643" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Clint Ruoho of Laconic Security", "description": "A canonicalization issue existed in the handling of URIs with ignorable Unicode character sequences. This issue was addressed by updating mod_hfs_apple to forbid access to URIs with ignorable Unicode character sequences.", "id": "CVE-2013-0966", "impact": "An attacker may be able to access directories that are protected with HTTP authentication without knowing the correct credentials", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "", "description": "Java Web Start applications would run even if the Java plug-in was disabled. This issue was addressed by removing JNLP files from the CoreTypes safe file type list, so the Web Start application will not be run unless the user opens it in the Downloads directory.", "id": "CVE-2013-0967", "impact": "Visiting a maliciously crafted website could allow a Java Web Start application to be launched automatically even if the Java plug-in is disabled", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "CoreTypes", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Aaron Nelson", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0968", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Eric A. Schulman of Purpletree Labs", "description": "A logic error existed in VoiceOver's handling of the Login Window, whereby an attacker with access to the keyboard could launch System Preferences and modify the system configuration. This issue was addressed by preventing VoiceOver from launching applications at the Login Window.", "id": "CVE-2013-0969", "impact": "An attacker with keyboard access may modify the system configuration", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Aaron Sigel of vtty.com", "description": "Clicking on a specifically-formatted FaceTime:// URL in Messages could bypass the standard confirmation prompt. This issue was addressed by additional validation of FaceTime:// URLs.", "id": "CVE-2013-0970", "impact": "Clicking a link from Messages may initiate a FaceTime call without prompting", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Tobias Klein working with HP TippingPoint's Zero Day Initiative", "description": "A use after free issue existed in the handling of ink annotations in PDF files. This issue was addressed through improved memory management.", "id": "CVE-2013-0971", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "PDFKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5" ], "credit": "Emilio Escobar", "description": "Software Update allowed a man in the middle attacker to insert plugin content into the marketing text displayed for updates. This may allow the exploitation of a vulnerable plugin, or facilitate social engineering attacks involving plugins. This issue does not affect OS X Mountain Lion systems. This issue was addressed by preventing plugins from being loaded in Software Update's marketing text WebView.", "id": "CVE-2013-0973", "impact": "An attacker with a privileged network position may be able to cause arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek", "description": "If a user disabled JavaScript in Safari Preferences, visiting a site which displayed a Smart App Banner would re-enable JavaScript without warning the user. This issue was addressed by not enabling JavaScript when visiting a site with a Smart App Banner.", "id": "CVE-2013-0974", "impact": "JavaScript may be enabled in Mobile Safari without user interaction", "links": [ "http://support.apple.com/en-us/HT5642" ], "module": "StoreKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "Tobias Klein working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of PICT images. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0975", "impact": "Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "QuickDraw Manager", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.2" ], "credit": "an anonymous researcher", "description": "A memory corruption issue existed in the handling of graphics data. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0976", "impact": "Viewing a maliciously crafted image may lead to an unexpected system termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5672" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.", "id": "CVE-2013-0977", "impact": "A local user may be able to execute unsigned code", "links": [ "http://support.apple.com/en-us/HT5702", "http://support.apple.com/en-us/HT5704" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.", "id": "CVE-2013-0978", "impact": "A local user may be able to determine the address of structures in the kernel", "links": [ "http://support.apple.com/en-us/HT5702", "http://support.apple.com/en-us/HT5704" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.", "id": "CVE-2013-0979", "impact": "A local user may be able to change permissions on arbitrary files", "links": [ "http://support.apple.com/en-us/HT5704" ], "module": "Lockdown", "rsr": "", "update": "" }, { "available": [ "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Christopher Heffley of theMedium.ca, videosdebarraquito", "description": "A logic issue existed in the handling of emergency calls from the lock screen. This issue was addressed through improved lock state management.", "id": "CVE-2013-0980", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5704" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.", "id": "CVE-2013-0981", "impact": "A local user may be able to execute arbitrary code in the kernel", "links": [ "http://support.apple.com/en-us/HT5702", "http://support.apple.com/en-us/HT5704" ], "module": "USB", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "Alexander Traud of www.traud.de", "description": "Permanent cookies were saved after quitting Safari, even when Private Browsing was enabled. This issue was addressed by improved handling of cookies.", "id": "CVE-2013-0982", "impact": "An attacker with access to a user's session may be able to log into previously accessed sites, even if Private Browsing was used", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "David Fifield of Stanford University, Ben Syverson", "description": "An unbounded stack allocation issue existed in the handling of text glyphs. This could be triggered by maliciously crafted URLs in Safari. The issue was addressed through improved bounds checking.", "id": "CVE-2013-0983", "impact": "Visiting a maliciously crafted site may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8" ], "credit": "Nicolas Economou of Core Security", "description": "An issue existed in the directory server's handling of messages from the network. By sending a maliciously crafted message, a remote attacker could cause the directory server to terminate or execute arbitrary code with system privileges. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion or OS X Mountain Lion systems.", "id": "CVE-2013-0984", "impact": "A remote attacker may execute arbitrary code with system privileges on systems with Directory Service enabled", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "Directory Service", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "", "description": "A local user who is not an administrator may disable FileVault using the command-line. This issue was addressed by adding additional authentication.", "id": "CVE-2013-0985", "impact": "A local user may disable FileVault", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "Disk Management", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of 'enof' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0986", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5784" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "roob working with iDefense VCP", "description": "A memory corruption issue existed in the handling of QTIF files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0987", "impact": "Viewing a maliciously crafted QTIF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5784" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "G. Geshev working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of FPX files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0988", "impact": "Viewing a maliciously crafted FPX file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5784" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "G. Geshev working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of MP3 files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-0989", "impact": "Playing a maliciously crafted MP3 file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5784" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "Ward van Wanrooij", "description": "If SMB file sharing is enabled, an authenticated user may be able to write files outside the shared directory. This issue was addressed through improved access control.", "id": "CVE-2013-0990", "impact": "An authenticated user may be able to write files outside the shared directory", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jay Civelli of the Chromium development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0991", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Martin Barbella)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0992", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0993", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "David German of Google", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0994", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0995", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0996", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Vitaliy Toropov working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0997", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5921", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "pa_kt working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0998", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "pa_kt working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-0999", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1000", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ryan Humenick", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1001", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1002", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1003", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Martin Barbella)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1004", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Martin Barbella)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1005", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Martin Barbella)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1006", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1007", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sergey Glazunov", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1008", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1009", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5785" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1010", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "Windows 7, Vista, XP SP2 or later" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1011", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5766", "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Subodh Iyengar and Erling Ellingsen of Facebook", "description": "A cross-site scripting issue existed in the handling of iframes. This issue was addressed through improved origin tracking.", "id": "CVE-2013-1012", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5785", "http://support.apple.com/en-us/HT5934" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3" ], "credit": "Sam Power of Pentest Limited", "description": "XSS Auditor may rewrite URLs to prevent cross-site scripting attacks. This may lead to a malicious alteration of the behavior of a form submission. This issue was addressed through improved validation of URLs.", "id": "CVE-2013-1013", "impact": "Following a maliciously crafted link could lead to unexpected behavior on the target site", "links": [ "http://support.apple.com/en-us/HT5785" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later" ], "credit": "Christopher of ThinkSECURE Pte Ltd, Christopher Hickstein of University of Minnesota", "description": "A certificate validation issue existed in iTunes. In certain contexts, an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. This issue was resolved by improved certificate validation.", "id": "CVE-2013-1014", "impact": "An attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information", "links": [ "http://support.apple.com/en-us/HT5766" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Aniway.Anyway@gmail.com working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of TeXML files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1015", "impact": "Opening a maliciously crafted TeXML file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of H.263 encoded movie files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1016", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of 'dref' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1017", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "G. Geshev working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of H.264 encoded movie files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1018", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5806" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.4", "Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of Sorenson encoded movie files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1019", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5806", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of JPEG encoded data. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1020", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Mil3s beep working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of JPEG encoded data. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1021", "impact": "Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Andrea Micalizzi aka rgod working with HP's Zero Day Initiative", "description": "A buffer underflow existed in the handling of 'mvhd' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1022", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5770", "http://support.apple.com/en-us/HT5806" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3" ], "credit": "Google Chrome Security Team (Inferno)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1023", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5785" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3" ], "credit": "Richard Kuo and Billy Suguitan of Triemt Corporation", "description": "An uninitialized memory access issue existed in the handling of text tracks. This issue was addressed by additional validation of text tracks.", "id": "CVE-2013-1024", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5784" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mountain Lion v10.8 to v10.8.4", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking.", "id": "CVE-2013-1025", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mountain Lion v10.8 to v10.8.4", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking.", "id": "CVE-2013-1026", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package.", "id": "CVE-2013-1027", "impact": "Packages could be opened after certificate revocation", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alexander Traud of www.traud.de", "description": "The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by improved certificate checking.", "id": "CVE-2013-1028", "impact": "An attacker may intercept data protected with IPSec Hybrid Auth", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5934" ], "module": "IPSec", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "Christopher Bohn of PROTECTSTAR INC.", "description": "An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check.", "id": "CVE-2013-1029", "impact": "A local network user may cause a denial of service", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "Per Olofsson at the University of Gothenburg", "description": "A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe.", "id": "CVE-2013-1030", "impact": "Passwords may be disclosed to other local users", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Mobile Device Management", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "A power assertion lock issue existed. This issue was addressed through improved lock handling.", "id": "CVE-2013-1031", "impact": "The screen saver may not start after the specified time period", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "Jason Kratzer working with iDefense VCP", "description": "A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking.", "id": "CVE-2013-1032", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "Jeff Grisso of Atos IT Solutions, S\u00e9bastien Stormacq", "description": "A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking.", "id": "CVE-2013-1033", "impact": "A user with screen sharing access may be able to bypass the screen lock when another user is logged in", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Screen Lock", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 or later" ], "credit": "David Hoyt of Hoyt LLC Research", "description": "Multiple cross-site scripting issues existed in Wiki Server. These issues were addressed by improved encoding of HTML output.", "id": "CVE-2013-1034", "impact": "Multiple vulnerabilities in Wiki Server", "links": [ "http://support.apple.com/en-us/HT5892" ], "module": "Wiki Server", "rsr": "", "update": "" }, { "available": [ "Windows 7, Windows Vista, and Windows XP SP2 or later" ], "credit": "Honggang Ren of Fortinet's FortiGuard Labs", "description": "A memory corruption issue existed in the iTunes ActiveX control. This issue was addressed through additional bounds checking.", "id": "CVE-2013-1035", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.", "links": [ "http://support.apple.com/en-us/HT5936" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs", "description": "A memory corruption issue existed in the handling of XML files. This issue was addressed through additional bounds checking.", "id": "CVE-2013-1036", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT6000" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1037", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1038", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "own-hero Research working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1039", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1040", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1041", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1042", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1043", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1044", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1045", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1046", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1047", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1473", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1475", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1476", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1478", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1480", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8", "OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at", "id": "CVE-2013-1481", "impact": "Multiple vulnerabilities in Java 1.6.0_37", "links": [ "http://support.apple.com/en-us/HT5647", "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. Further information is available via the Java website at", "id": "CVE-2013-1486", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. Further information is available via the Java website at", "id": "CVE-2013-1487", "impact": "Multiple vulnerabilities in Java", "links": [ "http://support.apple.com/en-us/HT5666" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1491", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_41, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_43. Further information is available via the Java website at", "id": "CVE-2013-1493", "impact": "Multiple vulnerabilities in Java 1.6.0_41", "links": [ "http://support.apple.com/en-us/HT5677" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-1500", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1537", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1540", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1557", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1558", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1563", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-1569", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-1571", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26.", "id": "CVE-2013-1635", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26.", "id": "CVE-2013-1643", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "The rehash mechanism in outdated versions of Perl may be vulnerable to denial of service in scripts that use untrusted input as hash keys. The issue is addressed by updating to Perl 5.16.2.", "id": "CVE-2013-1667", "impact": "Perl scripts may be vulnerable to denial of service.", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "perl", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "By setting the system clock, an attacker may be able to use sudo to gain root privileges on systems where sudo has been used before. On OS X, only admin users can change the system clock. This issue was addressed by checking for an invalid timestamp.", "id": "CVE-2013-1775", "impact": "An attacker with control of an admin user's account may be able to gain root privileges without knowing the user's password", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26.", "id": "CVE-2013-1824", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "OS X Mavericks v10.9 or later" ], "credit": "", "description": "Multiple issues existed in Ruby on Rails, the most serious of which may lead to cross site scripting. These issues were addressed by updating the Rails implementation used by Profile Manager to version 2.3.18.", "id": "CVE-2013-1854", "impact": "Multiple issues in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784", "http://support.apple.com/en-us/HT5999" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "OS X Mavericks v10.9 or later" ], "credit": "", "description": "Multiple issues existed in Ruby on Rails, the most serious of which may lead to cross site scripting. These issues were addressed by updating the Rails implementation used by Profile Manager to version 2.3.18.", "id": "CVE-2013-1855", "impact": "Multiple issues in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784", "http://support.apple.com/en-us/HT5999" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "OS X Mavericks v10.9 or later" ], "credit": "", "description": "Multiple issues existed in Ruby on Rails, the most serious of which may lead to cross site scripting. These issues were addressed by updating the Rails implementation used by Profile Manager to version 2.3.18.", "id": "CVE-2013-1856", "impact": "Multiple issues in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784", "http://support.apple.com/en-us/HT5999" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8", "OS X Mavericks v10.9 or later" ], "credit": "", "description": "Multiple issues existed in Ruby on Rails, the most serious of which may lead to cross site scripting. These issues were addressed by updating the Rails implementation used by Profile Manager to version 2.3.18.", "id": "CVE-2013-1857", "impact": "Multiple issues in Ruby on Rails", "links": [ "http://support.apple.com/en-us/HT5784", "http://support.apple.com/en-us/HT5999" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.2.4", "id": "CVE-2013-1899", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5892" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.2.4", "id": "CVE-2013-1900", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5892" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.2.4", "id": "CVE-2013-1901", "impact": "Multiple vulnerabilities in PostgreSQL", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5892" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in curl, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating curl to version 7.30.0", "id": "CVE-2013-1944", "impact": "Multiple vulnerabilities in curl", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8.", "id": "CVE-2013-2020", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5892" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5", "OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8.", "id": "CVE-2013-2021", "impact": "Multiple vulnerabilities in ClamAV", "links": [ "http://support.apple.com/en-us/HT5880", "http://support.apple.com/en-us/HT5892" ], "module": "ClamAV", "rsr": "", "update": "" }, { "available": [ "Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26.", "id": "CVE-2013-2110", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems.", "id": "CVE-2013-2266", "impact": "Multiple vulnerabilities in BIND", "links": [ "http://support.apple.com/en-us/HT5880" ], "module": "Bind", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2383", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2384", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2394", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2407", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2412", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2417", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2419", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2420", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2422", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2424", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2429", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2430", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2432", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2435", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2437", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at", "id": "CVE-2013-2440", "impact": "Multiple vulnerabilities in Java 1.6.0_43", "links": [ "http://support.apple.com/en-us/HT5734" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2442", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2443", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2444", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2445", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2446", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2447", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2448", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2450", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2451", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2452", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2453", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2454", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2455", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2456", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2457", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2459", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2461", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2463", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2464", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2465", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2466", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2468", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2469", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2470", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2471", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2472", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-2473", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cyril Cattiaux", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2842", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5", "iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later" ], "credit": "Egor Homakov", "description": "An information disclosure issue existed in XSSAuditor. This issue was addressed through improved handling of URLs.", "id": "CVE-2013-2848", "impact": "Visiting a maliciously crafted website may lead to an information disclosure", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2909", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_45, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_51. Further information is available via the Java website at", "id": "CVE-2013-3743", "impact": "Multiple vulnerabilities in Java 1.6.0_45", "links": [ "http://support.apple.com/en-us/HT5797" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-3829", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "Multiple buffer overflows existed in dyld's openSharedCacheFile() function. These issues were addressed through improved bounds checking.", "id": "CVE-2013-3950", "impact": "An attacker who has arbitrary code execution on a device may be able to persist code execution across reboots", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "An information disclosure issue existed in the mach_port_space_info API. This issue was addressed by initializing the iin_collision field in structures returned from the kernel.", "id": "CVE-2013-3953", "impact": "Unprivileged processes could get access to the contents of kernel memory which could lead to privilege escalation", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "A memory corruption issue existed in the handling of arguments to the posix_spawn API. This issue was addressed through improved bounds checking.", "id": "CVE-2013-3954", "impact": "Unprivileged processes may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "A memory corruption issue existed in the handling of AppleDouble files. This issue was addressed by removing support for AppleDouble files.", "id": "CVE-2013-3955", "impact": "An attacker who can mount a non-HFS filesystem may be able to cause an unexpected system termination or arbitrary code execution with kernel privileges", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "File Systems", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-4002", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "A hostname validation issue existed in Ruby's handling of SSL certificates. This issue was addressed by updating Ruby to version 2.0.0p247.", "id": "CVE-2013-4073", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "ruby", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs and Daniel Metz of University Erlangen-Nuremberg", "description": "An issue existed in the generation of Personal Hotspot passwords, resulting in passwords that could be predicted by an attacker to join a user's Personal Hotspot. The issue was addressed by generating passwords with higher entropy.", "id": "CVE-2013-4616", "impact": "An attacker may be able to join a Personal Hotspot network", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Personal Hotspot", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5125", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5126", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5127", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5128", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mario Heiderich", "description": "Dragging or pasting a selection from one site to another may allow scripts contained in the selection to be executed in the context of the new site. This issue is addressed through additional validation of content before a paste or a drag and drop operation.", "id": "CVE-2013-5129", "impact": "Dragging or pasting a selection may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5" ], "credit": "L\u00e1szl\u00f3 V\u00e1rady of E\u00f6tv\u00f6s Lor\u00e1nd University", "description": "Using the Web Inspector disabled Private Browsing without warning. This issue was addressed by improved state management.", "id": "CVE-2013-5130", "impact": "Using the Web Inspector disabled Private Browsing", "links": [ "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Erling A Ellingsen", "description": "A cross-site scripting issue existed in the handling of URLs. This issue was addressed through improved origin tracking.", "id": "CVE-2013-5131", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT6000" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule" ], "credit": "Joonas Kuorilehto of Codenomicon", "description": "An issue existed in the parsing of small frames with incorrect lengths. This issue was addressed by adding size checking to the parsing of small frames.", "id": "CVE-2013-5132", "impact": "An associated client may be able to cause an unexpected base station system termination", "links": [ "http://support.apple.com/en-us/HT5920" ], "module": "AirPort Base Station Firmware Update 7.6.4", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update added the involved sub-CA certificate to OS X's list of untrusted certificates.", "id": "CVE-2013-5134", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "Data Security", "rsr": "", "update": "" }, { "available": [ "", "Apple Remote Desktop 3.0 or later" ], "credit": "SilentSignal working with iDefense VCP", "description": "A format string vulnerability existed in Remote Desktop's handling of the VNC username.", "id": "CVE-2013-5135", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT5997", "http://support.apple.com/en-us/HT5998", "http://support.apple.com/en-us/HT6011" ], "module": "Apple Remote Desktop", "rsr": "", "update": "" }, { "available": [ "Apple Remote Desktop 3.0 or later" ], "credit": "Mark S. C. Smith studying at Central Connecticut State University", "description": "If a third-party VNC server reported certain authentication types, Remote Desktop may have used password authentication but not warned that the connection would be unencrypted. This issue was addressed through improved handling of authentication types.", "id": "CVE-2013-5136", "impact": "A warning about use of VNC without encryption may not appear", "links": [ "http://support.apple.com/en-us/HT5998" ], "module": "Apple Remote Desktop", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mackenzie Straight at Mobile Labs", "description": "It was possible for background applications to inject user interface events into the foreground application using the task completion or VoIP APIs. This issue was addressed by enforcing access controls on foreground and background processes that handle interface events.", "id": "CVE-2013-5137", "impact": "Background applications could inject user interface events into the foreground app", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Will Estes", "description": "A null pointer dereference existed in IOCatalogue. This issue was addressed through additional type checking.", "id": "CVE-2013-5138", "impact": "A malicious local application could cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "IOKitUser", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@dent1zt", "description": "An out of bounds array access existed in the IOSerialFamily driver. This issue was addressed through improved bounds checking.", "id": "CVE-2013-5139", "impact": "Executing a malicious application may result in arbitrary code execution within the kernel", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "IOSerialFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Joonas Kuorilehto of Codenomicon, an anonymous researcher working with CERT-FI, Antti Levom\u00c3\u00a4ki and Lauri Virtanen of Vulnerability Analysis Group, Stonesoft", "description": "Sending an invalid packet fragment to a device can cause a kernel assert to trigger, leading to a device restart. The issue was addressed through additional validation of packet fragments.", "id": "CVE-2013-5140", "impact": "A remote attacker can cause a device to unexpectedly restart", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "An integer truncation issue existed in the kernel socket interface, which could be leveraged to force the CPU into an infinite loop. The issue was addressed by using a larger sized variable.", "id": "CVE-2013-5141", "impact": "A malicious local application could cause a system hang", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kenzley Alphonse of Kenx Technology, Inc", "description": "An information disclosure issue existed in the msgctl and segctl APIs. This issue was addressed by initializing data structures returned from the kernel.", "id": "CVE-2013-5142", "impact": "Kernel stack memory may be disclosed to local users", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later" ], "credit": "Arek Dreyer of Dreyer Network Consultants, Inc.", "description": "A logic issue existed whereby the RADIUS service could choose an incorrect certificate from the list of configured certificates. The issue was addressed by using the same certificate as other services.", "id": "CVE-2013-5143", "impact": "Server may use a fallback certificate during authentication", "links": [ "http://support.apple.com/en-us/HT5999" ], "module": "Server App", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later" ], "credit": "Dany Lisiansky", "description": "A NULL dereference existed in the lock screen which would cause it to restart if the emergency call button was tapped while a notification was being swiped and while the camera pane was partly visible. While the lock screen was restarting, the call dialer could not get the lock screen state and assumed the device was unlocked, and so allowed non-emergency numbers to be dialed. This issue was addressed by avoiding the NULL dereference.", "id": "CVE-2013-5144", "impact": "A person with physical access to the device may be able to make calls to any number", "links": [ "http://support.apple.com/en-us/HT6010" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 2nd generation and later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "\"Rainbow PRISM\"", "description": "An issue existed in kext management's handling of IPC messages from unauthenticated senders. This issue was addressed by adding additional authorization checks.", "id": "CVE-2013-5145", "impact": "An unauthorized process can disable some loaded kernel extensions", "links": [ "http://support.apple.com/en-us/HT5934", "http://support.apple.com/en-us/HT5935", "http://support.apple.com/en-us/HT6011" ], "module": "Kext Management", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "videosdebarraquito", "description": "A race condition issue existed in the handling of phone calls and SIM card ejection at the lock screen. This issue was addressed through improved lock state management.", "id": "CVE-2013-5147", "impact": "A person with physical access to the device may be able to bypass the screen lock", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later" ], "credit": "", "description": "In some circumstances, the screen lock would not be engaged if the computer was put to sleep while in Keynote presentation mode. This issue was addressed by improved state management.", "id": "CVE-2013-5148", "impact": "The screen may be unlocked if the computer was put to sleep while in Keynote presentation mode", "links": [ "http://support.apple.com/en-us/HT6002" ], "module": "Keynote", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jack Flintermann of Grouper, Inc.", "description": "An information disclosure issue existed in push notification registration. Apps requesting access to the push notification access received the token before the user approved the app's use of push notifications. This issue was addressed by withholding access to the token until the user has approved access.", "id": "CVE-2013-5149", "impact": "The push notification token may be disclosed to an app contrary to the user's decision", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Push Notifications", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history.", "id": "CVE-2013-5150", "impact": "History of pages recently visited in an open tab may remain after clearing of history", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ben Toews of Github", "description": "Mobile Safari sometimes treated files as HTML files even when the server sent a 'Content-Type: text/plain' header. This may lead to cross-site scripting on sites that allow users to upload files. This issue was addressed through improved handling of files when 'Content-Type: text/plain' is set.", "id": "CVE-2013-5151", "impact": "Viewing files on a website may lead to script execution even when the server sends a 'Content-Type: text/plain' header", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Keita Haga of keitahaga.com, \u0141ukasz Pilorz of RBS", "description": "A URL bar spoofing issue existed in Mobile Safari. This issue was addressed through improved URL tracking.", "id": "CVE-2013-5152", "impact": "Visiting a malicious website may allow an arbitrary URL to be displayed", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Daniel Stangroom", "description": "An issue existed in the handling of notifications when a device is in Lost Mode. This update addresses the issue with improved lock state management.", "id": "CVE-2013-5153", "impact": "A person with physical access to a device in Lost Mode may be able to view notifications", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Springboard", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "Third-party applications which used the #! syntax to run a script were sandboxed based on the identity of the script interpreter, not the script. The interpreter may not have a sandbox defined, leading to the application being run unsandboxed. This issue was addressed by creating the sandbox based on the identity of the script.", "id": "CVE-2013-5154", "impact": "Applications that are scripts were not sandboxed", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "Malicious third-party applications that wrote specific values to the /dev/random device could force the CPU to enter an infinite loop. This issue was addressed by preventing third-party applications from writing to /dev/random.", "id": "CVE-2013-5155", "impact": "Applications can cause a system hang", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology", "description": "An access control issue existed in the telephony subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling telephony functionality. This issue was addressed by enforcing access controls on interfaces exposed by the telephony daemon.", "id": "CVE-2013-5156", "impact": "Malicious apps could interfere with or control telephony functionality", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology", "description": "An access control issue existed in the Twitter subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling Twitter functionality. This issue was addressed by enforcing access controls on interfaces exposed by the Twitter daemon.", "id": "CVE-2013-5157", "impact": "Sandboxed apps could send tweets without user interaction or permission", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Twitter", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jonathan Zdziarski", "description": "An issue existed where it was possible to determine what Twitter accounts a user had recently interacted with. This issue was resolved by restricting access to the Twitter icon cache.", "id": "CVE-2013-5158", "impact": "Users recent Twitter activity could be disclosed on devices with no passcode.", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "Social", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An information disclosure issue existed in the handling of the window.webkitRequestAnimationFrame() API. A maliciously crafted website could use an iframe to determine if another site used window.webkitRequestAnimationFrame(). This issue was addressed through improved handling of window.webkitRequestAnimationFrame().", "id": "CVE-2013-5159", "impact": "Visiting a malicious website may lead to information disclosure", "links": [ "http://support.apple.com/en-us/HT5934" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later" ], "credit": "Karam Daoud of PART - Marketing & Business Development, Andrew Chung, Mariusz Rysz", "description": "A NULL dereference existed in the lock screen which would cause it to restart if the emergency call button was tapped repeatedly. While the lock screen was restarting, the call dialer could not get the lock screen state and assumed the device was unlocked, and so allowed non-emergency numbers to be dialed. This issue was addressed by avoiding the NULL dereference.", "id": "CVE-2013-5160", "impact": "A person with physical access to the device may be able to make calls to any number", "links": [ "http://support.apple.com/en-us/HT5957" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "videosdebarraquito", "description": "The list of apps you opened could be accessed during some transitions while the device was locked, and the Camera app could be opened while the device was locked.", "id": "CVE-2013-5161", "impact": "A person with physical access to the device may be able to see recently used apps, see, edit, and share photos", "links": [ "http://support.apple.com/en-us/HT5957" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later" ], "credit": "Tomer and Mor", "description": "When returning to the passcode lock from the Phone app, the passcode entry view is sometimes visible when it should not be, and so may be accessed even if the iPhone has been disabled due to many incorrect passcode attempts. This issue was addressed by updating the visibility of the passcode entry view on state changes.", "id": "CVE-2013-5162", "impact": "The time delay for incorrect passcode attempts may be bypassed", "links": [ "http://support.apple.com/en-us/HT6010" ], "module": "Passcode Lock", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8 to v10.8.5" ], "credit": "The rookies of 42", "description": "A logic issue existed in Directory Services's verification of authentication credentials allowing a local attacker to bypass password validation. The issue was addressed through improved credential validation.", "id": "CVE-2013-5163", "impact": "A local user may modify Directory Services records with system privileges", "links": [ "http://support.apple.com/en-us/HT5964" ], "module": "Directory Services", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later" ], "credit": "Dany Lisiansky", "description": "Race conditions existed in the Phone app at the lock screen. Under various circumstances, the Phone app may allow access to the Contacts pane. This issue was addressed by preventing this display of the Contacts pane while the phone is locked.", "id": "CVE-2013-5164", "impact": "A person with physical access to the device may be able to call arbitrary contacts", "links": [ "http://support.apple.com/en-us/HT6010" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Alexander Frangis of PopCap Games", "description": "The socketfilterfw command line tool's --blockApp option did not properly block applications from receiving network connections. This issue was addressed through improved handling of the --blockApp options.", "id": "CVE-2013-5165", "impact": "socketfilterfw --blockApp may not block applications from receiving network connections", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Application Firewall", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Stefano Bianchi Mazzone, Mattia Pagnozzi, and Aristide Fattori of Computer and Network Security Lab (LaSER), Universit\u00e0 degli Studi di Milano", "description": "The Bluetooth USB host controller deleted interfaces needed for later operations. This issue was addressed by retaining the interface until it is no longer needed.", "id": "CVE-2013-5166", "impact": "A malicious local application could cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Graham Bennett, Rob Ansaldo of Amherst College", "description": "Resetting Safari did not always delete session cookies until Safari was closed. This issue was addressed through improved handling of session cookies.", "id": "CVE-2013-5167", "impact": "Session cookies may persist even after resetting Safari", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Aaron Sigel of vtty.com", "description": "This update modified the behavior of Console when clicking on a log entry with an attached URL. Rather than opening the URL, Console will now preview the URL with Quick Look.", "id": "CVE-2013-5168", "impact": "Clicking on a malicious log entry may lead to unexpected application execution", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Console", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "A logic issue existed in CoreGraphics's handling of display sleep mode, resulting in data corruption that could result in windows being visible over the lock screen. The issue is addressed through improved handling of display sleep.", "id": "CVE-2013-5169", "impact": "Windows may be visible over the lock screen after display sleep", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Will Dormann of the CERT/CC", "description": "A buffer underflow existed in the handling of PDF files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-5170", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "By registering for a hotkey event, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by additional validation of hotkey events.", "id": "CVE-2013-5171", "impact": "An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Christoph Nadig of Lobotomo Software", "description": "An incorrect output length was used for the SHA-2 family of digest functions, resulting in a kernel panic when these functions were used, primarily during IPSec connections. The issue was addressed through use of the expected output length.", "id": "CVE-2013-5172", "impact": "Use of SHA-2 digest functions in the kernel may result in an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Jaakko Pero of Aalto University", "description": "The kernel random number generator would hold a lock while satisfying a request from userspace, allowing a local user to make a large request and hold the lock for long periods of time, denying service to other users of the random number generator. This issue was addressed by releasing and reacquiring the lock for large requests more frequently.", "id": "CVE-2013-5173", "impact": "A local user may cause a denial of service", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "CESG", "description": "An integer sign issue existed in the handling of tty reads. This issue was addressed through improved handling of tty reads.", "id": "CVE-2013-5174", "impact": "A local, unprivileged user may be able to cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "An out of bounds read issue existed in the handling of Mach-O files. This issue was addressed through improved bounds checking.", "id": "CVE-2013-5175", "impact": "A local user may be able to cause kernel memory information disclosure or an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "CESG", "description": "An integer truncation issue existed in the handling of tty devices. This issue was addressed through improved bounds checking.", "id": "CVE-2013-5176", "impact": "A local user may be able to cause a system hang", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "CESG", "description": "The kernel would panic when an invalid user-supplied iovec structure was detected. This issue was addressed through improved validation of iovec structures.", "id": "CVE-2013-5177", "impact": "A local user may be able to cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Jesse Ruderman of Mozilla Corporation, Stephane Sudre of Intego", "description": "An issue exited in the handling of certain unicode characters that could allow filenames to show incorrect extensions. The issue was addressed by filtering unsafe unicode characters from display in filenames.", "id": "CVE-2013-5178", "impact": "A file could show the wrong extension.", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Friedrich Graeter of The Soulmen GbR", "description": "The LaunchServices interface for launching an application allowed sandboxed apps to specify the list of arguments passed to the new process. A compromised sandboxed application could abuse this to bypass the sandbox. This issue was addressed by disallowing sandboxed applications from specifying arguments.", "id": "CVE-2013-5179", "impact": "The App Sandbox may be bypassed", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "App Sandbox", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Xi Wang", "description": "If the kernel random number generator was not accessible to srandomdev(), the function fell back to an alternative method which had been removed by optimization, leading to a lack of randomness. This issue was addressed by modifying the code to be correct under optimization.", "id": "CVE-2013-5180", "impact": "Under unusual circumstances some random numbers may be predictable", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "When auto-configuring a mail account on certain mailservers, the Mail app would choose plaintext authentication over CRAM-MD5 authentication. This issue was addressed through improved logic handling.", "id": "CVE-2013-5181", "impact": "Mail may not choose the most secure authentication method available", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Mail Accounts", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Michael Roitzsch of Technische Universit\u00e4t Dresden", "description": "A logic issue existed in Mail's handling of unsigned messages that nevertheless contained a", "id": "CVE-2013-5182", "impact": "An unsigned message may appear to be validly signed.", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Mail Header Display", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Richard E. Silverman of www.qoxp.net", "description": "When Kerberos authentication was enabled and Transport Layer Security was disabled, Mail would send some unencrypted data to the mail server, leading to an unexpected termination of the connection. The issue was addressed through improved handling of this configuration.", "id": "CVE-2013-5183", "impact": "Information may be briefly transferred in plain text when non-TLS encryption is configured.", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Mail Networking", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Octoshape", "description": "An error checking issue existed in the handling of a multicast packets. This issue was addressed through improved handling of multicast packets.", "id": "CVE-2013-5184", "impact": "Source specific multicast program may cause an unexpected system termination when using Wi-Fi network", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "The ldapsearch command line tool did not honor the minssf configuration, which could lead to weak encryption being allowed unexpectedly. This issue was addressed through improved handling of the minssf configuration.", "id": "CVE-2013-5185", "impact": "The ldapsearch command line tool did not honor the minssf configuration", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "David Herman at Sensible DB Design", "description": "A locking issue existed in power assertion management. The issue was addressed through improved lock handling.", "id": "CVE-2013-5186", "impact": "The screen lock may not engage after the specified time period", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Michael Kisor of OrganicOrb.com, Christian Knappskog of NTNU (Norwegian University of Science and Technology), Stefan Gr\u00f6nke (CCC Trier), Patrick Reed", "description": "The \"Lock Screen\" command in the Keychain Status menu bar item did not take effect until after the \"Require password [amount of time] after sleep or screen saver begins\" setting had elapsed.", "id": "CVE-2013-5187", "impact": "The \"Lock Screen\" command may not take effect immediately", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Screen Lock", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Levi Musters", "description": "A Mac with hibernation and autologin enabled may allow waking from hibernation without prompting for a password. This issue was addressed through improved lock handling.", "id": "CVE-2013-5188", "impact": "A hibernated Mac with Autologin may not require a password to wake", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Screen Lock", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Greg Onufer", "description": "The \"Require an administrator password to access system preferences with lock icons\" setting allows administrators to add an additional layer of protection to sensitive system settings. In some cases where an administrator had enabled this setting, applying a software update or upgrade could have subsequently disabled the setting. This issue was addressed through improved handling of authorization rights.", "id": "CVE-2013-5189", "impact": "An administrator's security preferences may not be respected", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Security - Authorization", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Yongjun Jeon of Centrify Corporation", "description": "\"A logic issue existed in OS X's handling of Smart Card certificate revocation checks. The issue was addressed through improved certificate revocation support.", "id": "CVE-2013-5190", "impact": "Smart Card Services may be unavailable when certificate revocation checks are enabled", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "Security - Smart Card Services", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Sven-S. Porst of earthlingsoft", "description": "The console log was visible to the Guest user and contained messages from previous Guest user sessions. This issue was addressed by making the console log for Guest users visible only to administrators.", "id": "CVE-2013-5191", "impact": "A Guest user may be able to see log messages from previous Guests", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "syslog", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Stefano Bianchi Mazzone, Mattia Pagnozzi, and Aristide Fattori of Computer and Network Security Lab (LaSER), Universit\u00e0 degli Studi di Milano", "description": "The USB hub controller didn't check the port and port number of requests. The issue was addressed by adding checks of the port and port number.", "id": "CVE-2013-5192", "impact": "A malicious local application could cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6011" ], "module": "USB", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization.", "id": "CVE-2013-5193", "impact": "App and In-App purchases may be completed with insufficient authorization", "links": [ "http://support.apple.com/en-us/HT6058" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5195", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5196", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5197", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5198", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5199", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5225", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Niklas Malmgren of Klarna AB", "description": "Safari may have autofilled user names and passwords into a subframe from a different domain than the main frame. This issue was addressed through improved origin tracking.", "id": "CVE-2013-5227", "impact": "User credentials may be disclosed to an unexpected site via autofill", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9" ], "credit": "Keen Team (@K33nTeam) working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5228", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6082" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5772", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5774", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5776", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5778", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5780", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5782", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5783", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5784", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5787", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5789", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5790", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5797", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5801", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5802", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5803", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5804", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5809", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5812", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5814", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5817", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5818", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5819", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5820", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5823", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5824", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5825", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5829", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5830", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5831", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5832", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5840", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5842", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5843", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5848", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5849", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at", "id": "CVE-2013-5850", "impact": "Multiple vulnerabilities in Java 1.6.0_51", "links": [ "http://support.apple.com/en-us/HT5982" ], "module": "Java", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later" ], "credit": "Jean Pascal Pereira", "description": "An integer overflow existed in the handling of .motn files which led to an out of bounds memory access. This issue was addressed through improved bounds checking.", "id": "CVE-2013-6114", "impact": "A maliciously crafted .motn file could lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6041" ], "module": "Motion", "rsr": "", "update": "" } ] ================================================ FILE: 2013/README.md ================================================ # Apple CVE 2013 * data source: https://support.apple.com/en-us/HT201222 * [2013.json](2013.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | Java | 125 | | 2 | WebKit | 64 | | 3 | iTunes | 19 | | 4 | Kernel | 17 | | 5 | OpenSSL | 16 | | 6 | QuickTime | 13 | | 7 | Passcode Lock | 6 | | 8 | Apache | 5 | | 9 | PostgreSQL | 5 | | 10 | Bind | 5 | | 11 | Profile Manager | 5 | | 12 | Safari | 5 | | 13 | libxml | 4 | | 14 | python | 4 | | 15 | Ruby | 4 | | 16 | CoreGraphics | 4 | | 17 | PHP | 4 | | 18 | libxslt | 3 | | 19 | Screen Lock | 3 | | 20 | ImageIO | 2 | | 21 | curl | 2 | | 22 | dyld | 2 | | 23 | USB | 2 | | 24 | CFNetwork | 2 | | 25 | Power Management | 2 | | 26 | ClamAV | 2 | | 27 | Apple Remote Desktop | 2 | | 28 | Sandbox | 2 | | 29 | International Components for Unicode | 1 | | 30 | CFNetwork SSL | 1 | | 31 | Security | 1 | | 32 | Wi-Fi | 1 | | 33 | Messages Server | 1 | | 34 | FreeRADIUS | 1 | | 35 | JavaScriptCore | 1 | | 36 | CUPS | 1 | | 37 | Podcast Producer Server | 1 | | 38 | Git | 1 | | 39 | Data Protection | 1 | | 40 | Identity Services | 1 | | 41 | CoreTypes | 1 | | 42 | Login Window | 1 | | 43 | Messages | 1 | | 44 | PDFKit | 1 | | 45 | Software Update | 1 | | 46 | StoreKit | 1 | | 47 | QuickDraw Manager | 1 | | 48 | IOAcceleratorFamily | 1 | | 49 | Lockdown | 1 | | 50 | CoreAnimation | 1 | | 51 | Directory Service | 1 | | 52 | Disk Management | 1 | | 53 | SMB | 1 | | 54 | CoreMedia | 1 | | 55 | CoreMedia Playback | 1 | | 56 | Installer | 1 | | 57 | IPSec | 1 | | 58 | Mobile Device Management | 1 | | 59 | Wiki Server | 1 | | 60 | perl | 1 | | 61 | sudo | 1 | | 62 | File Systems | 1 | | 63 | ruby | 1 | | 64 | Personal Hotspot | 1 | | 65 | AirPort Base Station Firmware Update 7.6.4 | 1 | | 66 | Data Security | 1 | | 67 | IOKit | 1 | | 68 | IOKitUser | 1 | | 69 | IOSerialFamily | 1 | | 70 | Server App | 1 | | 71 | Kext Management | 1 | | 72 | Keynote | 1 | | 73 | Push Notifications | 1 | | 74 | Springboard | 1 | | 75 | Telephony | 1 | | 76 | Twitter | 1 | | 77 | Social | 1 | | 78 | Directory Services | 1 | | 79 | Phone | 1 | | 80 | Application Firewall | 1 | | 81 | Bluetooth | 1 | | 82 | Console | 1 | | 83 | LaunchServices | 1 | | 84 | App Sandbox | 1 | | 85 | Libc | 1 | | 86 | Mail Accounts | 1 | | 87 | Mail Header Display | 1 | | 88 | Mail Networking | 1 | | 89 | OpenLDAP | 1 | | 90 | Security - Authorization | 1 | | 91 | Security - Smart Card Services | 1 | | 92 | syslog | 1 | | 93 | App Store | 1 | | 94 | Motion | 1 | ================================================ FILE: 2014/2014.json ================================================ [ { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marc Heuse", "description": "A race condition issue existed in the handling of IPv6 packets. This issue was addressed through improved lock state checking.", "id": "CVE-2011-2391", "impact": "A person with a privileged network position may cause a denial of service", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "J\u00fcri Aedla", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2011-3102", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5" ], "credit": "Juliano Rizzo and Thai Duong", "description": "There were known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite used a block cipher in CBC mode. To address these issues for applications using Secure Transport, the 1-byte fragment mitigation was enabled by default for this configuration.", "id": "CVE-2011-3389", "impact": "An attacker may be able to decrypt data protected by SSL", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "Secure Transport", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-0841", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A buffer overflow existed in libtiff's handling of TIFF images. This issue was addressed through additional validation of TIFF images.", "id": "CVE-2012-2088", "impact": "Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "J\u00fcri Aedla", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-2807", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2825", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2870", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs, Nicolas Gregoire", "description": "Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28.", "id": "CVE-2012-2871", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team (J\u00fcri Aedla)", "description": "Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0.", "id": "CVE-2012-5134", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "libxml", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Richard Kuo and Billy Suguitan of Triemt Corporation", "description": "An uninitialized memory access issue existed in the handling of text tracks. This issue was addressed by additional validation of text tracks.", "id": "CVE-2013-1024", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Jason Kratzer working with iDefense VCP", "description": "An out of bounds byte swapping issue existed in the handling of QuickTime image descriptions. This issue was addressed through improved bounds checking.", "id": "CVE-2013-1032", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1037", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1038", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "own-hero Research working with iDefense VCP", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1039", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1040", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1041", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1042", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1043", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1044", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1045", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1046", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-1047", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.26.", "id": "CVE-2013-1862", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.26.", "id": "CVE-2013-1896", "impact": "Multiple vulnerabilities in Apache", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Cyril Cattiaux", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2842", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2871", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2875", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2909", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2926", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2927", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-2928", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND. These issues were addressed by updating BIND to version 9.9.2-P2", "id": "CVE-2013-3919", "impact": "Multiple vulnerabilities in BIND, the most serious of which may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT6536" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "An attacker with a privileged network position could spoof network communications to entice a user into downloading a malicious app. This issue was mitigated by using SSL and prompting the user during URL redirects.", "id": "CVE-2013-3948", "impact": "A man-in-the-middle attacker may entice a user into downloading a malicious app via Enterprise App Download", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may have led to arbitrary code execution. These issues were addressed by updating PHP to version 5.4.24 on OS X Mavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion.", "id": "CVE-2013-4073", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may have led to arbitrary code execution. These issues were addressed by updating PHP to version 5.4.24 on OS X Mavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion.", "id": "CVE-2013-4113", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks 10.9.2", "OS X Mavericks v10.9.3 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in LibYAML. These issues were addressed by switching from YAML to JSON as Profile Manager's internal serialization format.", "id": "CVE-2013-4164", "impact": "Multiple vulnerabilities in LibYAML, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6207", "http://support.apple.com/en-us/HT6248", "https://support.apple.com/en-us/HT6536" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may have led to arbitrary code execution. These issues were addressed by updating PHP to version 5.4.24 on OS X Mavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion.", "id": "CVE-2013-4248", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND. These issues were addressed by updating BIND to version 9.9.2-P2", "id": "CVE-2013-4854", "impact": "Multiple vulnerabilities in BIND, the most serious of which may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT6536" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5125", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5126", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5127", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5128", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "A symbolic link in a backup would be restored, allowing subsequent operations during the restore to write to the rest of the filesystem. This issue was addressed by checking for symbolic links during the restore process.", "id": "CVE-2013-5133", "impact": "A maliciously crafted backup can alter the filesystem", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "Backup", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5" ], "credit": "@dent1zt", "description": "An out of bounds array access existed in the IOSerialFamily driver. This issue was addressed through additional bounds checking. This issue does not affect systems running OS X Mavericks v10.9 or later.", "id": "CVE-2013-5139", "impact": "Executing a malicious application may result in arbitrary code execution within the kernel", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "IOSerialFamily", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history.", "id": "CVE-2013-5150", "impact": "History of pages recently visited in an open tab may remain after clearing of history", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5" ], "credit": "Will Dormann of CERT/CC", "description": "A buffer underflow existed in the handling of fonts in PDF files. This issue was addressed through additional bounds checking. This issue does not affect OS X Mavericks systems.", "id": "CVE-2013-5170", "impact": "Opening a maliciously crafted PDF file may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5" ], "credit": "Jesse Ruderman of Mozilla Corporation, Stephane Sudre of Intego", "description": "An issue existed in the handling of certain unicode characters that could allow filenames to show incorrect extensions. The issue was addressed by filtering unsafe unicode characters from display in filenames. This issue does not affect systems running OS X Mavericks v10.9 or later.", "id": "CVE-2013-5178", "impact": "A file could show the wrong extension", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5" ], "credit": "Friedrich Graeter of The Soulmen GbR", "description": "The LaunchServices interface for launching an application allowed sandboxed apps to specify the list of arguments passed to the new process. A compromised sandboxed application could abuse this to bypass the sandbox. This issue was addressed by preventing sandboxed applications from specifying arguments. This issue does not affect systems running OS X Mavericks 10.9 or later.", "id": "CVE-2013-5179", "impact": "The App Sandbox may be bypassed", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "App Sandbox", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5195", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5196", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5197", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5198", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5199", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5225", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Niklas Malmgren of Klarna AB", "description": "Safari may have autofilled user names and passwords into a subframe from a different domain than the main frame. This issue was addressed through improved origin tracking.", "id": "CVE-2013-5227", "impact": "User credentials may be disclosed to an unintended site via autofill", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6441" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Keen Team (@K33nTeam) working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-5228", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "Marcin Ko\u015bcielnicki from the X.Org Foundation Nouveau project", "description": "An issue existed that allowed writes to some trusted memory on the graphics card. This issue was addressed by removing the ability of the host to write to that memory.", "id": "CVE-2013-5986", "impact": "Executing a malicious application could result in arbitrary code execution within the graphics card", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "NVIDIA Drivers", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "Marcin Ko\u015bcielnicki from the X.Org Foundation Nouveau project", "description": "An issue existed that allowed writes to some trusted memory on the graphics card. This issue was addressed by removing the ability of the host to write to that memory.", "id": "CVE-2013-5987", "impact": "Executing a malicious application could result in arbitrary code execution within the graphics card", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "NVIDIA Drivers", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in LibYAML. These issues were addressed by switching from YAML to JSON as Profile Manager's internal serialization format.", "id": "CVE-2013-6393", "impact": "Multiple vulnerabilities in LibYAML, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6207", "https://support.apple.com/en-us/HT6536" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP, the most serious of which may have led to arbitrary code execution. These issues were addressed by updating PHP to version 5.4.24 on OS X Mavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion.", "id": "CVE-2013-6420", "impact": "Multiple vulnerabilities in PHP", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to a denial of service. These issues were addressed by updating Apache to version 2.4.9.", "id": "CVE-2013-6438", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-6625", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michal Zalewski", "description": "An uninitialized memory access issue existed in libjpeg's handling of JPEG markers, resulting in the disclosure of memory contents. This issue was addressed through additional validation of JPEG files.", "id": "CVE-2013-6629", "impact": "Viewing a maliciously crafted JPEG file may lead to the disclosure of memory contents", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-6635", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6145", "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2013-6663", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Guillaume Ross", "description": "Mail did not consult the user before launching facetime-audio:// URLs. This issue was addressed with the addition of a confirmation prompt.", "id": "CVE-2013-6835", "impact": "Tapping on a FaceTime link in Mail would trigger a FaceTime audio call without prompting", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6441" ], "module": "Data Detectors", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2013-7345", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "", "description": "cURL re-used NTLM connections when more than one authentication method was enabled, which allowed an attacker to gain access to another user's session.", "id": "CVE-2014-0015", "impact": "A remote attacker may be able to gain access to another user's session", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "", "description": "A denial of service issue existed in Subversion when SVNListParentPath was enabled. This issue was addressed by updating Subversion to version 1.7.17.", "id": "CVE-2014-0032", "impact": "A malicious attacker may be able to cause Subversion to terminate unexpectedly", "links": [ "http://support.apple.com/en-us/HT6444" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0060", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0061", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0062", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0063", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0064", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0065", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL. These issues were addressed by updating PostgreSQL to version 9.2.7.", "id": "CVE-2014-0066", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.", "id": "CVE-2014-0076", "impact": "Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache, the most serious of which may lead to a denial of service. These issues were addressed by updating Apache to version 2.4.9.", "id": "CVE-2014-0098", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Riku, Antti, and Matti of Codenomicon and Neel Mehta of Google Security", "description": "An out-of-bounds read issue existed in the OpenSSL library when handling TLS heartbeat extension packets. An attacker in a privileged network position could obtain information from process memory. This issue was addressed through additional bounds checking. Only AirPort Extreme and AirPort Time Capsule base stations with 802.11ac are affected, and only if they have Back to My Mac or Send Diagnostics enabled. Other AirPort base stations are not impacted by this issue.", "id": "CVE-2014-0160", "impact": "An attacker in a privileged network position may obtain memory contents", "links": [ "http://support.apple.com/en-us/HT6203" ], "module": "AirPort Base Station Firmware Update 7.7.3", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-0185", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.", "id": "CVE-2014-0195", "impact": "Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-0207", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.", "id": "CVE-2014-0221", "impact": "Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.", "id": "CVE-2014-0224", "impact": "Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-0237", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-0238", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND. These issues were addressed by updating BIND to version 9.9.2-P2", "id": "CVE-2014-0591", "impact": "Multiple vulnerabilities in BIND, the most serious of which may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT6536" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 or later, Windows 8, Windows 7, Vista, and XP SP2 or later" ], "credit": "Apple", "description": "The contents of the iTunes Tutorials window are retrieved from the network using an unprotected HTTP connection. An attacker with a privileged network position may inject arbitrary contents. This issue was addressed by using an encrypted HTTPS connection to retrieve tutorials.", "id": "CVE-2014-1242", "impact": "An attacker with a privileged network position may control the contents of the iTunes Tutorials window", "links": [ "http://support.apple.com/en-us/HT6001" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative", "description": "An uninitialized pointer issue existed in the handling of track lists. This issue was addressed through improved error checking.", "id": "CVE-2014-1243", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher & Paul Bates working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of H.264 encoded movie files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1244", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher & Paul Bates working with HP's Zero Day Initiative", "description": "A signedness issue existed in the handling of 'stsz' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1245", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "An anonymous researcher working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of 'ftab' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1246", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Tom Gallagher & Paul Bates working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of 'dref' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1247", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Jason Kratzer working with iDefense VCP", "description": "A buffer overflow existed in the handling of 'ldat' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1248", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "dragonltx of Tencent Security Team", "description": "A buffer overflow existed in the handling of PSD images. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1249", "impact": "Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "Windows 7, Vista, XP SP2 or later" ], "credit": "Jason Kratzer working with iDefense VCP", "description": "An out of bounds byte swapping issue existed in the handling of 'ttfo' elements. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1250", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7, Vista, XP SP2 or later" ], "credit": "Aliz Hammond working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of 'clef' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1251", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6151" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 or later, iOS 7 or later", "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A double free issue existed in the handling of Microsoft Word documents. This issue was addressed through improved memory management.", "id": "CVE-2014-1252", "impact": "Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6117", "http://support.apple.com/en-us/HT6150", "http://support.apple.com/en-us/HT6162" ], "module": "Office Viewer", "rsr": "", "update": "" }, { "available": [ "Macs running Boot Camp 5" ], "credit": "MJ0011 of 360 Security Center", "description": "A bounds checking issue existed in the AppleMNT.sys driver's parsing of Portable Executable files. If a Portable Executable file with a malformed header is loaded, this could cause a Boot Camp driver to corrupt kernel memory. The issue was addressed through improved bounds checking.", "id": "CVE-2014-1253", "impact": "Loading a malformed executable file may cause memory corruption in the kernel", "links": [ "http://support.apple.com/en-us/HT6126" ], "module": "Boot Camp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "Felix Groebert of the Google Security Team", "description": "A memory corruption issue existed in the handling of handling of Type 1 fonts. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1254", "impact": "Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 and 10.9.1" ], "credit": "Meder Kydyraliev of the Google Security Team", "description": "An arbitrary free issue existed in the handling of Mach messages passed to ATS. This issue was addressed through additional validation of Mach messages.", "id": "CVE-2014-1255", "impact": "The App Sandbox may be bypassed", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "Meder Kydyraliev of the Google Security Team", "description": "A buffer overflow issue existed in the handling of Mach messages passed to ATS. This issue was addressed by additional bounds checking.", "id": "CVE-2014-1256", "impact": "The App Sandbox may be bypassed", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5" ], "credit": "Rob Ansaldo of Amherst College, Graham Bennett", "description": "Resetting Safari did not always delete session cookies until Safari was closed. This issue was addressed through improved handling of session cookies. This issue does not affect systems running OS X Mavericks 10.9 or later.", "id": "CVE-2014-1257", "impact": "Session cookies may persist even after resetting Safari", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "CFNetwork Cookies", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "Karl Smith of NCC Group", "description": "A heap buffer overflow existed in CoreAnimation's handling of images. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1258", "impact": "Visiting a maliciously crafted site may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "A buffer overflow existed in the handling of file names. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1259", "impact": "Viewing a file with a maliciously crafted name may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5" ], "credit": "Felix Groebert of the Google Security Team", "description": "A memory corruption issue existed in QuickLook's handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may have led to an unexpected application termination or arbitrary code execution. This issue does not affect systems running OS X Mavericks 10.9 or later.", "id": "CVE-2014-1260", "impact": "Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "QuickLook", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 and 10.9.1" ], "credit": "Lucas Apa and Carlos Mario Penagos of IOActive Labs", "description": "A signedness issue existed in CoreText in the handling of Unicode fonts. This issue is addressed through improved bounds checking.", "id": "CVE-2014-1261", "impact": "Applications that use CoreText may be vulnerable to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 and 10.9.1" ], "credit": "Meder Kydyraliev of the Google Security Team", "description": "A memory corruption issue existed in the handling of Mach messages passed to ATS. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1262", "impact": "The App Sandbox may be bypassed", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 and 10.9.1" ], "credit": "Roland Moriz of Moriz GmbH", "description": "When using curl to connect to an HTTPS URL containing an IP address, the IP address was not validated against the certificate. This issue does not affect systems prior to OS X Mavericks v10.9.", "id": "CVE-2014-1263", "impact": "An attacker with a privileged network position may intercept user credentials or other sensitive information", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "Accessing a file's ACL via Finder may corrupt the ACLs on the file. This issue was addressed through improved handling of ACLs.", "id": "CVE-2014-1264", "impact": "Accessing a file's ACL via Finder may lead to other users gaining unauthorized access to files", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1" ], "credit": "", "description": "This update changes the behavior of the", "id": "CVE-2014-1265", "impact": "An unprivileged user may change the system clock", "links": [ "http://support.apple.com/en-us/HT6150" ], "module": "Date and Time", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 and 10.9.1", "iPhone 3GS, iPod touch (4th generation)", "iPhone 4 and later, iPod touch (5th generation), iPad 2 and later" ], "credit": "", "description": "Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.", "id": "CVE-2014-1266", "impact": "An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS", "links": [ "http://support.apple.com/en-us/HT6146", "http://support.apple.com/en-us/HT6147", "http://support.apple.com/en-us/HT6148", "http://support.apple.com/en-us/HT6150" ], "module": "Data Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Expiration dates of mobile configuration profiles were not evaluated correctly. The issue was resolved through improved handling of configuration profiles.", "id": "CVE-2014-1267", "impact": "Profile expiration dates were not honored", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "Configuration Profiles", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1268", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6145", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1269", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6145", "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1270", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6145", "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A reachable assertion issue existed in CoreCapture's handling of IOKit API calls. The issue was addressed through additional validation of input from IOKit.", "id": "CVE-2014-1271", "impact": "A malicious application can cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "CoreCapture", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "CrashHouseKeeping followed symbolic links while changing permissions on files. This issue was addressed by not following symbolic links when changing permissions on files.", "id": "CVE-2014-1272", "impact": "A local user may be able to change permissions on arbitrary files", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "Crash Reporting", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "Text relocation instructions in dynamic libraries may be loaded by dyld without code signature validation. This issue was addressed by ignoring text relocation instructions.", "id": "CVE-2014-1273", "impact": "Code signing requirements may be bypassed", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "FaceTime contacts on a locked device could be exposed by making a failed FaceTime call from the lock screen. This issue was addressed through improved handling of FaceTime calls.", "id": "CVE-2014-1274", "impact": "A person with physical access to the device may be able to access FaceTime contacts from the lock screen", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A buffer overflow existed in the handling of JPEG2000 images in PDF files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1275", "impact": "Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Min Zheng, Hui Xue, and Dr. Tao (Lenx) Wei of FireEye", "description": "An interface in IOKit framework allowed malicious apps to monitor on user actions in other apps. This issue was addressed through improved access control policies in the framework.", "id": "CVE-2014-1276", "impact": "A malicious application may monitor on user actions in other apps", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "IOKit HID Event", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "An out of bounds memory access issue existed in the ARM ptmx_get_ioctl function. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1278", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)" ], "credit": "David Schuetz working at Intrepidus Group", "description": "Sensitive user information was logged. This issue was addressed by logging less information.", "id": "CVE-2014-1279", "impact": "An attacker with access to an Apple TV may access sensitive user information from logs", "links": [ "http://support.apple.com/en-us/HT6163" ], "module": "Apple TV", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "rg0rd", "description": "A null dereference issue existed in the handling of MPEG-4 encoded files. This issue was addressed through improved memory handling.", "id": "CVE-2014-1280", "impact": "Playing a maliciously crafted video could lead to the device becoming unresponsive", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "Video Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Walter Hoelblinger of Hoelblinger.com, Morgan Adams, Tom Pennington", "description": "Deleting an image from the asset library did not delete cached versions of the image. This issue was addressed through improved cache management.", "id": "CVE-2014-1281", "impact": "Deleted images may still appear in the Photos app underneath transparent images", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "Photos Backend", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Assaf Hefetz, Yair Amit and Adi Sharabani of Skycure", "description": "A configuration profile with a long name could be loaded onto the device but was not displayed in the profile UI. The issue was addressed through improved handling of profile names.", "id": "CVE-2014-1282", "impact": "A configuration profile may be hidden from the user", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Roboboi99", "description": "An unexpected application termination during activation could cause the phone to show the home screen. The issue was addressed through improved error handling during activation.", "id": "CVE-2014-1285", "impact": "A person with physical access to the device may be able to see the home screen of the device even if the device has not been activated", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "Springboard", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Bogdan Alecu of M-sec.net", "description": "A state management issue existed in the lock screen. This issue was addressed through improved state management.", "id": "CVE-2014-1286", "impact": "A remote attacker may be able to cause the lock screen to become unresponsive", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "SpringBoard Lock Screen", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andy Davis of NCC Group", "description": "A memory corruption issue existed in the handling of USB messages. This issue was addressed through additional validation of USB messages.", "id": "CVE-2014-1287", "impact": "A person with physical access to the device may be able to cause arbitrary code execution in kernel mode", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163" ], "module": "USB Host", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1289", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "ant4g0nist (SegFault) working with HP's Zero Day Initiative, Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1290", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1291", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1292", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1293", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV (2nd generation and later)", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1294", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6162", "http://support.apple.com/en-us/HT6163", "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mountain Lion v10.8.5 and OS X Mavericks 10.9.2", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Antoine Delignat-Lavaud, Karthikeyan Bhargavan and Alfredo Pironti of Prosecco at Inria Paris", "description": "In a 'triple handshake' attack, it was possible for an attacker to establish two connections which had the same encryption keys and handshake, insert the attacker's data in one connection, and renegotiate so that the connections may be forwarded to each other. To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection.", "id": "CVE-2014-1295", "impact": "An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL", "links": [ "http://support.apple.com/en-us/HT6207", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209" ], "module": "Security - Secure Transport", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks 10.9.2", "Windows 8, Windows 7, Vista, and XP SP3 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. This issue was addressed by ignoring incomplete HTTP header lines.", "id": "CVE-2014-1296", "impact": "An attacker in a privileged network position can obtain iTunes credentials", "links": [ "http://support.apple.com/en-us/HT6207", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "http://support.apple.com/en-us/HT6245" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A logic issue existed in the handling of IPC messages from the WebProcess. This issue was addressed through additional validation of IPC messages.", "id": "CVE-2014-1297", "impact": "An attacker running arbitrary code in the WebProcess may be able to read arbitrary files despite sandbox restrictions", "links": [ "http://support.apple.com/en-us/HT6181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1298", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team, Apple, Renata Hodovan of University of Szeged / Samsung Electronics", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1299", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1300", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1301", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team, Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1302", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "KeenTeam working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1303", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1304", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1305", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1307", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1308", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1309", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1310", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1311", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1312", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1313", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5 and OS X Mavericks 10.9.2" ], "credit": "KeenTeam working with HP's Zero Day Initiative", "description": "WindowServer sessions could be created by sandboxed applications. This issue was addressed by disallowing sandboxed applications from creating WindowServer sessions.", "id": "CVE-2014-1314", "impact": "Maliciously crafted applications can execute arbitrary code outside the sandbox", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2" ], "credit": "Lukasz Pilorz of runic.pl, Erik Kooistra", "description": "A format string issue existed in the handling of URLs. This issue was addressed through additional validation of URLs. This issue does not affect systems prior to OS X Mavericks.", "id": "CVE-2014-1315", "impact": "Visiting a maliciously crafted website or URL may result in an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "CoreServicesUIAgent", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2" ], "credit": "Joonas Kuorilehto of Codenomicon", "description": "A reachable abort existed in the handling of ASN.1 data. This issue was addressed through additional validation of ASN.1 data.", "id": "CVE-2014-1316", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "Heimdal Kerberos", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "Steve Dunham", "description": "An issue existed in the handling of iBooks logs. The iBooks process could log Apple ID credentials in the iBooks log where other users of the system could read it. This issue was addressed by disallowing logging of credentials.", "id": "CVE-2014-1317", "impact": "An attacker with access to a system may be able to recover Apple ID credentials", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "iBooks Commerce", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5 and OS X Mavericks 10.9.2" ], "credit": "Ian Beer of Google Project Zero working with HP's Zero Day Initiative", "description": "A validation issue existed in the handling of a pointer from userspace. This issue was addressed through additional validation of pointers.", "id": "CVE-2014-1318", "impact": "A malicious application can take control of the system", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2" ], "credit": "Cristian Draghici of Modulo Consulting, Karl Smith of NCC Group", "description": "A buffer overflow issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved bounds checking. This issue does not affect systems prior to OS X Mavericks.", "id": "CVE-2014-1319", "impact": "Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9.2", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero working with HP's Zero Day Initiative", "description": "A set of kernel pointers stored in an IOKit object could be retrieved from userland. This issue was addressed through removing the pointers from the object.", "id": "CVE-2014-1320", "impact": "A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6207", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209" ], "module": "IOKit Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2" ], "credit": "Paul Kleeberg of Stratis Health Bloomington MN, Julian Sincu at the Baden-Wuerttemberg Cooperative State University (DHBW Stuttgart), Gerben Wierda of R&A, Daniel Luz", "description": "If a key was pressed or the trackpad touched just after the lid was closed, the system might have tried to wake up while going to sleep, which would have caused the screen to be unlocked. This issue was addressed by ignoring keypresses while going to sleep. This issue does not affect systems prior to OS X Mavericks.", "id": "CVE-2014-1321", "impact": "The screen might not lock", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A kernel pointer stored in a XNU object could be retrieved from userland. This issue was addressed through removing the pointer from the object.", "id": "CVE-2014-1322", "impact": "A local user can read a kernel pointer, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6207" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "banty", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1323", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1324", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1325", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1326", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team, Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1327", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1329", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1330", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1331", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1333", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1334", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1335", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1336", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1337", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1338", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Atte Kettunen of OUSPG", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1339", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1340", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1341", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1342", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1343", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1344", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Erling Ellingsen of Facebook", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed through improved encoding of URLs.", "id": "CVE-2014-1345", "impact": "A maliciously crafted website may be able to spoof its domain name in the address bar", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Erling Ellingsen of Facebook", "description": "An encoding issue existed in the handling of unicode characters in URLs. A maliciously crafted URL could have led to sending an incorrect postMessage origin. This issue was addressed through improved encoding/decoding.", "id": "CVE-2014-1346", "impact": "A malicious site can send messages to a connected frame or window in a way that might circumvent the receiver's origin check", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 or later" ], "credit": "", "description": "Upon each reboot, the permissions for the /Users and /Users/Shared directories would be set to world-writable, allowing modification of these directories. This issue was addressed with improved permission handling. For information on the general content of iTunes 11.2.1, see", "id": "CVE-2014-1347", "impact": "A local user can compromise other local user accounts", "links": [ "http://support.apple.com/en-us/HT6251" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs", "description": "A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments.", "id": "CVE-2014-1348", "impact": "A person with physical access to an iOS device may potentially read email attachments", "links": [ "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6441" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Reno Robert and Dhanesh Kizhakkinan", "description": "A use after free issue existed in Safari's handling of invalid URLs. This issue was addressed through improved memory handling.", "id": "CVE-2014-1349", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A state management issue existed in the handling of the Find My iPhone state. This issue was addressed through improved handling of Find My iPhone state.", "id": "CVE-2014-1350", "impact": "A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "Settings", "rsr": "", "update": "" }, { "available": [ "iPhone 4S and later, iPod touch (5th generation) and later, iPad (3rd generation) and later" ], "credit": "Sherif Hashim", "description": "If a Siri request might refer to one of several contacts, Siri displays a list of possible choices and the option 'More...' for a complete contact list. When used at the lock screen, Siri did not require the passcode before viewing the complete contact list. This issue was addressed by requiring the passcode.", "id": "CVE-2014-1351", "impact": "A person with physical access to the phone may be able to view all contacts", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "mblsec", "description": "In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.", "id": "CVE-2014-1352", "impact": "An attacker in possession of a device may exceed the maximum number of failed passcode attempts", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A state management issue existed in the handling of the telephony state while in Airplane Mode. This issue was addressed through improved state management while in Airplane Mode.", "id": "CVE-2014-1353", "impact": "A person with physical access to a locked device may be able to access the application that was in the foreground prior to locking", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Dima Kovalenko of codedigging.com", "description": "An unbounded stack allocation issue existed in the handling of XBM files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1354", "impact": "Viewing a maliciously crafted XBM file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6297" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cunzhang from Adlab of Venustech", "description": "A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through additional validation of IOKit API arguments.", "id": "CVE-2014-1355", "impact": "An application could cause the device to unexpectedly restart", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A heap buffer overflow existed in launchd's handling of IPC messages. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1356", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "launchd", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A heap buffer overflow existed in launchd's handling of log messages. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1357", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "launchd", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An integer overflow existed in launchd. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1358", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "launchd", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An integer underflow existed in launchd. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1359", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "launchd", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An issue existed with unlocking behavior that caused a device to proceed to the home screen even if it should still be in an activation locked state. This was addressed by changing the information a device verifies during an unlock request.", "id": "CVE-2014-1360", "impact": "A device can be manipulated into incorrectly presenting the home screen when the device is activation locked", "links": [ "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6441" ], "module": "Lockdown", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Thijs Alkemade of The Adium Project", "description": "An uninitialized memory access issue existed in the handling of DTLS messages in a TLS connection. This issue was addressed by only accepting DTLS messages in a DTLS connection.", "id": "CVE-2014-1361", "impact": "Two bytes of uninitialized memory could be disclosed to a remote attacker", "links": [ "http://support.apple.com/en-us/HT6296", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298" ], "module": "Secure Transport", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple, miaubiz", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1362", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1363", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1364", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple, Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1365", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1366", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1367", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wushi of Keen Team (Research Team of Keen Cloud Tech)", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1368", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3" ], "credit": "Aaron Sigel of vtty.com", "description": "Dragging a URL from a maliciously crafted website to another window could have allowed the malicious site to access a file:// URL. This issue was addressed through improved validation of dragged resources.", "id": "CVE-2014-1369", "impact": "Dragging a URL from a maliciously crafted website to another window could lead to the disclosure of local file content", "links": [ "http://support.apple.com/en-us/HT6293" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Chaitanya (SegFault) working with iDefense VCP", "description": "An out of bounds byte swapping issue existed in the handling of AppleDouble files in zip archives. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1370", "impact": "Opening a maliciously crafted zip file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "copyfile", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "an anonymous researcher working with HP's Zero Day Initiative", "description": "An unvalidated array index issue existed in the Dock\u2019s handling of messages from applications. A maliciously crafted message could cause an invalid function pointer to be dereferenced, which could lead to an unexpected application termination or arbitrary code execution.", "id": "CVE-2014-1371", "impact": "A sandboxed application may be able to circumvent sandbox restrictions", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read issue existed in the handling of a system call. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1372", "impact": "A local user can read kernel memory, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue existed in the handling of an OpenGL API call. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1373", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "", "description": "A kernel pointer stored in an IOKit object could be retrieved from userland. This issue was addressed by removing the pointer from the object.", "id": "CVE-2014-1375", "impact": "A local user can read a kernel pointer, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue existed in the handling of an OpenCL API call. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1376", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Intel Compute", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ian Beer of Google Project Zero", "description": "An array indexing issue existed in IOAcceleratorFamily. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1377", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "", "description": "A kernel pointer stored in an IOKit object could be retrieved from userland. This issue was addressed by using a unique ID instead of a pointer.", "id": "CVE-2014-1378", "impact": "A local user can read a kernel pointer, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "IOGraphicsFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple null dereference issues existed in kernel graphics drivers. A maliciously crafted 32-bit executable may have been able to obtain elevated privileges.", "id": "CVE-2014-1379", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "Ben Langfeld of Mojo Lingo LLC", "description": "Under rare circumstances, the screen lock did not intercept keystrokes. This could have allowed an attacker to type into windows under the screen lock. This issue was addressed through improved keystroke observer management.", "id": "CVE-2014-1380", "impact": "An attacker may be able to type into windows under the screen lock", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Security - Keychain", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks 10.9 to 10.9.3" ], "credit": "Sarah aka winocm", "description": "An out of bounds memory access issue existed in the handling of IOThunderBoltController API calls. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1381", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6296" ], "module": "Thunderbolt", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Renata Hodovan of University of Szeged / Samsung Electronics", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1382", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6293", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later" ], "credit": "", "description": "A signed-in user was able to complete an iTunes Store transaction without providing a valid password when prompted. This issue was addressed by additional enforcement of purchase authorization.", "id": "CVE-2014-1383", "impact": "An iTunes Store transaction may be completed with insufficient authorization", "links": [ "http://support.apple.com/en-us/HT6298" ], "module": "Apple TV", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1384", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1385", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1386", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1387", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1388", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1389", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4", "Windows 8, Windows 7, Vista, XP SP2 or later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1390", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6367", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Fernando Munoz working with iDefense VCP, Tom Gallagher & Paul Bates working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1391", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443", "https://support.apple.com/en-us/HT6493" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "VUPEN working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1713", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6181", "http://support.apple.com/en-us/HT6208", "http://support.apple.com/en-us/HT6209", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 2nd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous member of the Blink development community", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-1731", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6254", "http://support.apple.com/en-us/HT6297", "http://support.apple.com/en-us/HT6298", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Jordan Milne", "description": "A UI spoofing issue existed in the handling of scrollbar boundaries. This issue was addressed through improved bounds checking.", "id": "CVE-2014-1748", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-1943", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A state management issue existed in the handling of the Find My iPhone state. This issue was addressed through improved handling of Find My iPhone state.", "id": "CVE-2014-2019", "impact": "A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password", "links": [ "http://support.apple.com/en-us/HT6162" ], "module": "Settings - Accounts", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-2270", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "A heap buffer overflow existed in LibYAML's handling of percent-encoded characters in a URI. This issue was addressed through improved bounds checking. This update addresses the issues by updating LibYAML to version 0.1.6", "id": "CVE-2014-2525", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "ruby", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.", "id": "CVE-2014-3470", "impact": "Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3478", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3479", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3480", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3487", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3515", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "When the CUPS web interface served files, it would follow symlinks. A local user could create symlinks to arbitrary files and retrieve them through the web interface. This issue was addressed by disallowing symlinks to be served via the CUPS web interface.", "id": "CVE-2014-3537", "impact": "A local user can execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "OS X Mavericks v10.9.5 or later", "OS X Mountain Lion v10.8.5", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "OS X Yosemite v10.10 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team", "description": "There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail.", "id": "CVE-2014-3566", "impact": "An attacker may be able to decrypt data protected by SSL", "links": [ "https://support.apple.com/en-us/HT6527", "https://support.apple.com/en-us/HT6529", "https://support.apple.com/en-us/HT6531", "https://support.apple.com/en-us/HT6535", "https://support.apple.com/en-us/HT6536", "https://support.apple.com/en-us/HT6541", "https://support.apple.com/en-us/HT6542" ], "module": "Secure Transport", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-3981", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30", "id": "CVE-2014-4049", "impact": "Multiple vulnerabilities in PHP 5.4.24", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "s3tm3m working with HP's Zero Day Initiative", "description": "A buffer overflow existed in the handling of MIDI files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4350", "impact": "Playing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443", "https://support.apple.com/en-us/HT6493" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "", "Windows 7, Vista, XP SP2 or later" ], "credit": "Karl Smith of NCC Group", "description": "A buffer overflow existed in the handling of audio samples. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4351", "impact": "Playing a maliciously crafted m4a file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT6493", "https://support.apple.com/en-us/HT6535" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jonathan Zdziarski", "description": "The address book was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the address book with a key protected by the hardware UID and the user's passcode.", "id": "CVE-2014-4352", "impact": "A person with physical access to an iOS device may read the address book", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Address Book", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Silviu Schiau", "description": "A race condition existed in how attachments were deleted. This issue was addressed by conducting additional checks on whether an attachment has been deleted.", "id": "CVE-2014-4353", "impact": "Attachments may persist after the parent iMessage or MMS is deleted", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "iMessage", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maneet Singh, Sean Bluestein", "description": "Bluetooth was enabled automatically after upgrading iOS. This was addressed by only turning on Bluetooth for major or minor version updates.", "id": "CVE-2014-4354", "impact": "Bluetooth is unexpectedly enabled by default after upgrading iOS", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mattia Schirinzi from San Pietro Vernotico (BR), Italy", "description": "An issue existed in the previewing of text message notifications at the lock screen. As a result, the contents of received messages would be shown at the lock screen even when previews were disabled in Settings. The issue was addressed through improved observance of this setting.", "id": "CVE-2014-4356", "impact": "Text message previews may appear at the lock screen even when this feature is disabled", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Settings", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Heli Myllykoski of OP-Pohjola Group", "description": "Sensitive user information was logged. This issue was addressed by logging less information.", "id": "CVE-2014-4357", "impact": "An attacker with access to an iOS device may access sensitive user information from logs", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442" ], "module": "Accounts Framework", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs and Markus Tro\u00dfbach of Heilbronn University", "description": "The private API for determining the frontmost app did not have sufficient access control. This issue was addressed through additional access control.", "id": "CVE-2014-4361", "impact": "A background app can determine which app is frontmost", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Home & Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs and Markus Tro\u00dfbach of Heilbronn University", "description": "An information disclosure issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.", "id": "CVE-2014-4362", "impact": "Apple ID information is accessible by third-party apps", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "David Silver, Suman Jana, and Dan Boneh of Stanford University working with Eric Chen and Collin Jackson of Carnegie Mellon University", "description": "Saved passwords were autofilled on http sites, on https sites with broken trust, and in iframes. This issue was addressed by restricting password autofill to the main frame of https sites with valid certificate chains.", "id": "CVE-2014-4363", "impact": "An attacker with a privileged network position may intercept user credentials", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Pieter Robyns, Bram Bonne, Peter Quax, and Wim Lamotte of Universiteit Hasselt", "description": "An attacker could have impersonated a WiFi access point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash, and used the derived credentials to authenticate to the intended access point even if that access point supported stronger authentication methods. This issue was addressed by disabling LEAP by default.", "id": "CVE-2014-4364", "impact": "An attacker can obtain WiFi credentials", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "802.1X", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Crispin", "description": "Mail sent the LOGIN command to servers even if they had advertised the LOGINDISABLED IMAP capability. This issue is mostly a concern when connecting to servers that are configured to accept non-encrypted connections and that advertise LOGINDISABLED. This issue was addressed by respecting the LOGINDISABLED IMAP capability.", "id": "CVE-2014-4366", "impact": "Login credentials can be sent in plaintext even if the server has advertised the LOGINDISABLED IMAP capability", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sven Heinemann", "description": "Voice Dial was enabled automatically after upgrading iOS. This issue was addressed through improved state management.", "id": "CVE-2014-4367", "impact": "Voice Dial is unexpectedly enabled after upgrading iOS", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Hendrik Bettermann", "description": "A logic issue existed in AssistiveTouch's handling of events, which resulted in the screen not locking. This issue was addressed through improved handling of the lock timer.", "id": "CVE-2014-4368", "impact": "The device may not lock the screen when using AssistiveTouch", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sarah aka winocm and Cererdlong of Alibaba Mobile Security Team", "description": "A null pointer dereference existed in the handling of IOAcceleratorFamily API arguments. This issue was addressed through improved validation of IOAcceleratorFamily API arguments.", "id": "CVE-2014-4369", "impact": "An application may cause an unexpected system termination", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "February 3, 2020" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4371", "impact": "A local user may be able to determine kernel memory layout", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tielei Wang and YeongJin Jang of Georgia Tech Information Security Center (GTISC)", "description": "syslogd followed symbolic links while changing permissions on files. This issue was addressed through improved handling of symbolic links.", "id": "CVE-2014-4372", "impact": "A local user may be able to change permissions on arbitrary files", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442" ], "module": "syslog", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cunzhang from Adlab of Venustech", "description": "A NULL pointer dereference was present in the IntelAccelerator driver. The issue was addressed through improved error handling.", "id": "CVE-2014-4373", "impact": "An application may cause a denial of service", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "George Gal of VSR (http://www.vsecurity.com/)", "description": "An XML External Entity issue existed in NSXMLParser's handling of XML. This issue was addressed by not loading external entities across origins.", "id": "CVE-2014-4374", "impact": "An application using NSXMLParser may be misused to disclose information", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6443" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "A double free issue existed in the handling of Mach ports. This issue was addressed through improved validation of Mach ports.", "id": "CVE-2014-4375", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through improved validation of IOKit API arguments.", "id": "CVE-2014-4376", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program", "description": "An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4377", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program", "description": "An out of bounds memory read existed in the handling of PDF files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4378", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or an information disclosure", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read issue existed in the handling of an IOHIDFamily function. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4379", "impact": "A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cunzhang from Adlab of Venustech", "description": "An out-of-bounds write issue exited in the IOHIDFamily driver. The issue was addressed through improved input validation.", "id": "CVE-2014-4380", "impact": "A user may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds write issue existed in Libnotify. This issue was addressed through improved bounds checking", "id": "CVE-2014-4381", "impact": "A malicious application may be able to execute arbitrary code with root privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443" ], "module": "Libnotify", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Raul Siles of DinoSec", "description": "A validation issue existed in the handling of update check responses. Spoofed dates from Last-Modified response headers set to future dates were used for If-Modified-Since checks in subsequent update requests. This issue was addressed by validation of the Last-Modified header.", "id": "CVE-2014-4383", "impact": "An attacker with a privileged network position may be able to cause an iOS device to think that it is up to date even when it is not", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "A path traversal issue existed in App Installation. A local attacker could have retargeted code signature validation to a bundle different from the one being installed and cause installation of an unverified app. This issue was addressed by detecting and preventing path traversal when determining which code signature to verify.", "id": "CVE-2014-4384", "impact": "A local attacker may be able to escalate privileges and install unverified applications", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "App Installation", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs", "description": "A race condition existed in App Installation. An attacker with the capability of writing to /tmp may have been able to install an unverified app. This issue was addressed by staging files for installation in another directory.", "id": "CVE-2014-4386", "impact": "A local attacker may be able to escalate privileges and install unverified applications", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "App Installation", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.", "id": "CVE-2014-4388", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443", "https://support.apple.com/en-us/HT6535" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4389", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "http://support.apple.com/en-us/HT6443" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue existed in the handling of a Bluetooth API call. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4390", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Christopher Hickstein working with HP's Zero Day Initiative", "description": "Apps signed on OS X prior to OS X Mavericks 10.9 or apps using custom resource rules, may have been susceptible to tampering that would not have invalidated the signature. On systems set to allow only apps from the Mac App Store and identified developers, a downloaded modified app could have been allowed to run as though it were legitimate. This issue was addressed by ignoring signatures of bundles with resource envelopes that omit resources that may influence execution. OS X Mavericks v10.9.5 and Security Update 2014-004 for OS X Mountain Lion v10.8.5 already contain these changes.", "id": "CVE-2014-4391", "impact": "Tampered applications may not be prevented from launching", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Security - Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Apple", "description": "A user-space buffer overflow existed in the shader compiler. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4393", "impact": "Compiling untrusted GLSL shaders may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4394", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4395", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4396", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4397", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4398", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4399", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4400", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4401", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read issue existed in the handling of an IOAcceleratorFamily function. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4402", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "In some cases, the CPU Global Descriptor Table was allocated at a predictable address. This issue was addressed through always allocating the Global Descriptor Table at random addresses.", "id": "CVE-2014-4403", "impact": "A local user can infer kernel addresses and bypass kernel address space layout randomization", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A heap buffer overflow existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4404", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved validation of IOHIDFamily key-mapping properties.", "id": "CVE-2014-4405", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Yosemite v10.10 or later" ], "credit": "David Hoyt of Hoyt LLC", "description": "A cross-site scripting issue existed in Xcode Server. This issue was addressed through improved encoding of HTML output.", "id": "CVE-2014-4406", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "http://support.apple.com/en-us/HT6448", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "An uninitialized memory access issue existed in the handling of IOKit functions. This issue was addressed through improved memory initialization.", "id": "CVE-2014-4407", "impact": "A malicious application may be able to read uninitialized data from kernel memory", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An out-of-bounds read issue existed in rt_setgate. This may lead to memory disclosure or memory corruption. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4408", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Yosuke Hasegawa (NetAgent Co., Led.)", "description": "A web application could store HTML 5 application cache data during normal browsing and then read the data during private browsing. This was addressed by disabling access to the application cache when in private browsing mode.", "id": "CVE-2014-4409", "impact": "A malicious website may be able to track users even when private browsing is enabled", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Eric Seidel of Google", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4410", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Google Chrome Security Team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4411", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4412", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4413", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4414", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "Windows 8, Windows 7, Vista, XP SP2 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4415", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6440", "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6537" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.", "id": "CVE-2014-4416", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6443" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Marek Isalski of Faelix Limited", "description": "An uncaught exception issue existed in SafariNotificationAgent's handling of Safari Push Notifications. This issue was addressed through improved handling of Safari Push Notifications.", "id": "CVE-2014-4417", "impact": "Opting in to push notifications from a maliciously crafted website may cause future Safari Push Notifications to be missed", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.", "id": "CVE-2014-4418", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4419", "impact": "A local user may be able to determine kernel memory layout", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4420", "impact": "A local user may be able to determine kernel memory layout", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4421", "impact": "A local user may be able to determine kernel memory layout", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tarjei Mandt of Azimuth Security", "description": "The random number generator used for kernel hardening measures early in the boot process was not cryptographically secure. Some of its output was inferable from user space, allowing bypass of the hardening measures. This issue was addressed by using a cryptographically secure algorithm.", "id": "CVE-2014-4422", "impact": "Some kernel hardening measures may be bypassed", "links": [ "http://support.apple.com/en-us/HT6441", "http://support.apple.com/en-us/HT6442", "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Adam Weaver", "description": "An issue existed in the access control logic for accounts. A sandboxed application could get information about the currently-active iCloud account, including the name of the account. This issue was addressed by restricting access to certain account types from unauthorized applications.", "id": "CVE-2014-4423", "impact": "A malicious application may be able to identify the Apple ID of the user", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 or later", "OS X Mountain Lion v10.8.5", "OS X Yosemite v10.10 or later" ], "credit": "Sajjad Pourali (sajjad@securation.com) of CERT of Ferdowsi University of Mashhad", "description": "A SQL injection issue existed in Wiki Server. This issue was addressed through additional validation of SQL queries.", "id": "CVE-2014-4424", "impact": "A remote attacker may be able to execute arbitrary SQL queries", "links": [ "http://support.apple.com/en-us/HT6448", "http://support.apple.com/en-us/HT6449", "https://support.apple.com/en-us/HT6536" ], "module": "CoreCollaboration", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "A session management issue existed in the handling of system preference settings. This issue was addressed through improved session tracking.", "id": "CVE-2014-4425", "impact": "The 'require password after sleep or screen saver begins' preference may not be respected until after a reboot", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "CFPreferences", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Craig Young of Tripwire VERT", "description": "The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result.", "id": "CVE-2014-4426", "impact": "A remote attacker could determine all the network addresses of the system", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "AFP File Server", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Paul S. Ziegler of Reflare UG", "description": "A sandboxed application could misuse the accessibility API without the user's knowledge. This has been addressed by requiring administrator approval to use the accessibility API on an per-application basis.", "id": "CVE-2014-4427", "impact": "An application confined by sandbox restrictions may misuse the accessibility API", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "App Sandbox", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mike Ryan of iSEC Partners", "description": "Unencrypted connections were permitted from Human Interface Device-class Bluetooth Low Energy accessories. If an iOS device had paired with such an accessory, an attacker could spoof the legitimate accessory to establish a connection. The issue was addressed by denying unencrypted HID connections.", "id": "CVE-2014-4428", "impact": "A malicious Bluetooth input device may bypass pairing", "links": [ "https://support.apple.com/en-us/HT6535", "https://support.apple.com/en-us/HT6541", "https://support.apple.com/en-us/HT6542" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Benjamin King at See Ben Click Computer Services LLC, Karsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, and other anonymous researchers", "description": "When an encrypted volume was logically ejected while mounted, the volume was unmounted but the keys were retained, so it could have been mounted again without the password. This issue was addressed by erasing the keys on eject.", "id": "CVE-2014-4430", "impact": "An encrypted volume may stay unlocked when ejected", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "CoreStorage", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Emil Sj\u00f6lander of Ume\u00e5 University", "description": "A state management issue existed in the handling of the screen lock. This issue was addressed through improved state tracking.", "id": "CVE-2014-4431", "impact": "In some circumstances, windows may be visible even when the screen is locked", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "After updating settings, but before rebooting, the fdesetup command provided misleading status. This issue was addressed through improved status reporting.", "id": "CVE-2014-4432", "impact": "The fdesetup command may provide misleading status for the state of encryption on disk", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "fdesetup", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Maksymilian Arciemowicz", "description": "A heap-based buffer overflow issue existed in the handling of HFS resource forks. A maliciously crafted filesystem may cause an unexpected system shutdown or arbitrary code execution with kernel privileges. The issue was addressed through improved bounds checking.", "id": "CVE-2014-4433", "impact": "A maliciously crafted file system may cause unexpected system shutdown or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Maksymilian Arciemowicz", "description": "A NULL dereference issue existed in the handling of HFS filenames. A maliciously crafted filesystem may cause an unexpected system shutdown. This issue was addressed by avoiding the NULL dereference.", "id": "CVE-2014-4434", "impact": "A malicious file system may cause unexpected system shutdown", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "knoy", "description": "A state persistence issue in rate limiting allowed brute force attacks on iCloud Lost mode PIN. This issue was addressed through improved state persistence across reboots.", "id": "CVE-2014-4435", "impact": "iCloud Lost mode PIN may be bruteforced", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "iCloud Find My Mac", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "cunzhang from Adlab of Venustech", "description": "A out-of-bounds memory read was present in the IOHIDFamily driver. The issue was addressed through improved input validation.", "id": "CVE-2014-4436", "impact": "An application may cause a denial of service", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Meder Kydyraliev of the Google Security Team", "description": "The LaunchServices interface for setting content type handlers allowed sandboxed applications to specify handlers for existing content types. A compromised application could use this to bypass sandbox restrictions. The issue was addressed by restricting sandboxed applications from specifying content type handlers.", "id": "CVE-2014-4437", "impact": "A local application may bypass sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Harry Sintonen of nSense, Alessandro Lobina of Helvetia Insurances, Patryk Szlagowski of Funky Monkey Labs", "description": "A race condition existed in LoginWindow, which would sometimes prevent the screen from locking. The issue was addressed by changing the order of operations.", "id": "CVE-2014-4438", "impact": "Sometimes the screen might not lock", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "LoginWindow", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Patrick J Power of Melbourne, Australia", "description": "A user interface inconsistency in Mail application resulted in email being sent to addresses that were removed from the list of recipients. The issue was addressed through improved user interface consistency checks.", "id": "CVE-2014-4439", "impact": "Mail may send email to unintended recipients", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Kevin Koster of Cloudpath Networks", "description": "Web proxy settings installed by a mobile configuration profile were not removed when the profile was uninstalled. This issue was addressed through improved handling of profile uninstallation.", "id": "CVE-2014-4440", "impact": "When mobile configuration profiles were uninstalled, their settings were not removed", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "MCX Desktop Config Profiles", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Eduardo Bonsi of BEARTCOMMUNICATIONS", "description": "A state management issue existed in the File Sharing framework. This issue was addressed through improved state management.", "id": "CVE-2014-4441", "impact": "File Sharing may enter a state in which it cannot be disabled", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "NetFS Client Framework", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Darius Davis of VMware", "description": "A reachable panic existed in the handling of messages sent to system control sockets. This issue was addressed through additional validation of messages.", "id": "CVE-2014-4442", "impact": "A local user can cause an unexpected system termination", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Coverity", "description": "A null dereference existed in the handling of ASN.1 data. This issue was addressed through additional validation of ASN.1 data.", "id": "CVE-2014-4443", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "Gary Simon of Sandia National Laboratories, Ragnar Sundblad of KTH Royal Institute of Technology, Eugene Homyakov of Kaspersky Lab", "description": "A state management issue existed in SecurityAgent. While Fast User Switching, sometimes a Kerberos ticket for the switched-to user would be placed in the cache for the previous user. This issue was addressed through improved state management.", "id": "CVE-2014-4444", "impact": "A local user might have access to another user's Kerberos tickets", "links": [ "https://support.apple.com/en-us/HT6535" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "Craig Courtney", "description": "SACL settings for Mail were cached and changes to the SACLs were not respected until after a restart of the Mail service. This issue was addressed by resetting the cache upon changes to the SACLs.", "id": "CVE-2014-4446", "impact": "Group SACL changes for Mail may not be respected until after a restart of the Mail service", "links": [ "https://support.apple.com/en-us/HT6536" ], "module": "Mail Service", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "Mayo Jordanov", "description": "In certain circumstances, setting up or editing profiles in Profile Manager may have logged passwords to a file. This issue was addressed through improved handling of credentials.", "id": "CVE-2014-4447", "impact": "A local user may obtain passwords after setting up or editing profiles in Profile Manager", "links": [ "https://support.apple.com/en-us/HT6536" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jonathan Zdziarski and Kevin DeLong", "description": "Files could be transferred to an app's Documents directory and encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the transferred files with a key protected by the hardware UID and the user's passcode.", "id": "CVE-2014-4448", "impact": "Files transferred to the device may be written with insufficient cryptographic protection", "links": [ "https://support.apple.com/en-us/HT6541" ], "module": "House Arrest", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Carl Mehner of USAA", "description": "A TLS certificate validation vulnerability existed in iCloud data access clients. This issue was addressed by improved certificate validation.", "id": "CVE-2014-4449", "impact": "An attacker in a privileged network position may force iCloud data access clients to leak sensitive information", "links": [ "https://support.apple.com/en-us/HT6541" ], "module": "iCloud Data Access", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "QuickType could learn users' credentials when switching between elements. This issue was addressed by QuickType not learning from fields where autocomplete is disabled and reapplying the criteria when switching between DOM input elements in legacy WebKit.", "id": "CVE-2014-4450", "impact": "QuickType could learn users' credentials", "links": [ "https://support.apple.com/en-us/HT6541" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stuart Ryan of University of Technology, Sydney", "description": "In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.", "id": "CVE-2014-4451", "impact": "An attacker in possession of a device may exceed the maximum number of failed passcode attempts", "links": [ "https://support.apple.com/en-us/HT204418" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4452", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421", "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204420" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ashkan Soltani", "description": "The initial connection made by Spotlight or Safari to the Spotlight Suggestions servers included a user's approximate location before a user entered a query. This issue was addressed by removing this information from the initial connection and only sending the user's approximate location as part of queries.", "id": "CVE-2014-4453", "impact": "Unnecessary information is included as part of the initial connection between Spotlight or Safari and the Spotlight Suggestions servers", "links": [ "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204419" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.", "id": "CVE-2014-4455", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204420" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "A permissions issue existed with the debugging functionality for iOS that allowed the spawning of applications on trusted devices that were not being debugged. This was addressed by changes to debugserver's sandbox.", "id": "CVE-2014-4457", "impact": "A malicious application may be able to launch arbitrary binaries on a trusted device", "links": [ "https://support.apple.com/en-us/HT204418" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10" ], "credit": "Landon Fuller of Plausible Labs", "description": "The request made by About This Mac to determine the model of the system and direct users to the correct help resources included unnecessary cookies. This issue was addressed by removing cookies from the connection.", "id": "CVE-2014-4458", "impact": "Unnecessary information is included as part of a connection to Apple to determine the system model", "links": [ "https://support.apple.com/en-us/HT204419" ], "module": "System Profiler About This Mac", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "OS X Yosemite v10.10" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4459", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421", "https://support.apple.com/en-us/HT204419" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A privacy issue existed where browsing data could remain in the cache after leaving private browsing. This issue was addressed through a change in caching behavior.", "id": "CVE-2014-4460", "impact": "Website cache may not be fully cleared after leaving private browsing", "links": [ "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204419" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.", "id": "CVE-2014-4461", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204420" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4462", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204418", "https://support.apple.com/en-us/HT204420" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "The Leave a Message option in FaceTime may have allowed viewing and sending photos from the device. This issue was addressed through improved state management.", "id": "CVE-2014-4463", "impact": "A person with physical access to the phone may be able to access photos in the Photo Library", "links": [ "https://support.apple.com/en-us/HT204418" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Rennie deGraaf of iSEC Partners", "description": "An SVG loaded in an img element could load a CSS file cross-origin. This issue was addressed through enhanced blocking of external CSS references in SVGs.", "id": "CVE-2014-4465", "impact": "Style sheets are loaded cross-origin which may allow for data exfiltration", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4466", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4468", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4469", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4470", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4471", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4472", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4473", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4474", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4475", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT204421" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9 to v10.9.4", "Windows 7, Vista, XP SP2 or later" ], "credit": "Andrea Micalizzi aka rgod working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of the 'mvhd' atoms. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4979", "impact": "Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6443", "https://support.apple.com/en-us/HT6493" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Stephane Chazelas", "description": "An issue existed in Bash's parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement.", "id": "CVE-2014-6271", "impact": "In certain configurations, a remote attacker may be able to execute arbitrary shell commands", "links": [ "http://support.apple.com/en-us/HT6495", "https://support.apple.com/en-us/HT6535" ], "module": "Bash", "rsr": "", "update": "" }, { "available": [ "", "OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Tavis Ormandy", "description": "An issue existed in Bash's parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement.", "id": "CVE-2014-7169", "impact": "In certain configurations, a remote attacker may be able to execute arbitrary shell commands", "links": [ "http://support.apple.com/en-us/HT6495", "https://support.apple.com/en-us/HT6535" ], "module": "Bash", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Angelo Prado of Salesforce Product Security", "description": "A user interface inconsistency existed in Safari on MDM-enabled devices. The issue was addressed through improved user interface consistency checks.", "id": "CVE-2014-8841", "impact": "An attacker in a privileged network position may spoof URLs on Safari", "links": [ "http://support.apple.com/en-us/HT6441" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Windows 8, Windows 7, Vista, and XP SP3 or later" ], "credit": "Karl Smith of NCC Group", "description": "A memory corruption issue existed in iTunes MP4 parsing. This issue was addressed through additional bounds checking.", "id": "CVE-2014-8842", "impact": "Viewing a maliciously crafted audio or movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "http://support.apple.com/en-us/HT6245" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1" ], "credit": "Stephen Roettger of the Google Security Team", "description": "Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking.", "id": "CVE-2014-9295", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT204425" ], "module": "ntpd", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "Matt Mackall of Mercurial and Augie Fackler of Mercurial", "description": "The checks involved in disallowed paths did not account for case insensitivity or unicode characters. This issue was addressed by adding additional checks.", "id": "CVE-2014-9390", "impact": "Synching with a malicious git repository may allow unexpected files to be added to the .git folder", "links": [ "http://support.apple.com/en-us/HT204147" ], "module": "Git", "rsr": "", "update": "" } ] ================================================ FILE: 2014/README.md ================================================ # Apple CVE 2014 * data source: https://support.apple.com/en-us/HT201222 * [2014.json](2014.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | iTunes | 104 | | 2 | WebKit | 19 | | 3 | Kernel | 16 | | 4 | QuickTime | 14 | | 5 | apache_mod_php | 14 | | 6 | Intel Graphics Driver | 13 | | 7 | CoreCollaboration | 9 | | 8 | Safari | 6 | | 9 | OpenSSL | 5 | | 10 | IOAcceleratorFamily | 5 | | 11 | IOHIDFamily | 5 | | 12 | libxml | 4 | | 13 | ImageIO | 4 | | 14 | PHP | 4 | | 15 | ATS | 4 | | 16 | Lock Screen | 4 | | 17 | launchd | 4 | | 18 | IOKit | 4 | | 19 | Secure Transport | 3 | | 20 | libxslt | 3 | | 21 | BIND | 3 | | 22 | Profile Manager | 3 | | 23 | Mail | 3 | | 24 | CoreGraphics | 3 | | 25 | Bluetooth | 3 | | 26 | Apache | 2 | | 27 | LaunchServices | 2 | | 28 | App Sandbox | 2 | | 29 | NVIDIA Drivers | 2 | | 30 | apache | 2 | | 31 | curl | 2 | | 32 | dyld | 2 | | 33 | Apple TV | 2 | | 34 | Profiles | 2 | | 35 | Settings | 2 | | 36 | Dock | 2 | | 37 | Sandbox Profiles | 2 | | 38 | App Installation | 2 | | 39 | Security | 2 | | 40 | Bash | 2 | | 41 | iTunes Store | 1 | | 42 | Backup | 1 | | 43 | IOSerialFamily | 1 | | 44 | FontParser | 1 | | 45 | Data Detectors | 1 | | 46 | subversion | 1 | | 47 | AirPort Base Station Firmware Update 7.7.3 | 1 | | 48 | Office Viewer | 1 | | 49 | Boot Camp | 1 | | 50 | CFNetwork Cookies | 1 | | 51 | CoreAnimation | 1 | | 52 | File Bookmark | 1 | | 53 | QuickLook | 1 | | 54 | CoreText | 1 | | 55 | Finder | 1 | | 56 | Date and Time | 1 | | 57 | Data Security | 1 | | 58 | Configuration Profiles | 1 | | 59 | CoreCapture | 1 | | 60 | Crash Reporting | 1 | | 61 | FaceTime | 1 | | 62 | IOKit HID Event | 1 | | 63 | Video Driver | 1 | | 64 | Photos Backend | 1 | | 65 | Springboard | 1 | | 66 | SpringBoard Lock Screen | 1 | | 67 | USB Host | 1 | | 68 | Security - Secure Transport | 1 | | 69 | WindowServer | 1 | | 70 | CoreServicesUIAgent | 1 | | 71 | Heimdal Kerberos | 1 | | 72 | iBooks Commerce | 1 | | 73 | IOKit Kernel | 1 | | 74 | Power Management | 1 | | 75 | Siri | 1 | | 76 | Lockdown | 1 | | 77 | copyfile | 1 | | 78 | Graphics Driver | 1 | | 79 | Intel Compute | 1 | | 80 | IOGraphicsFamily | 1 | | 81 | Graphics Drivers | 1 | | 82 | Security - Keychain | 1 | | 83 | Thunderbolt | 1 | | 84 | Settings - Accounts | 1 | | 85 | ruby | 1 | | 86 | CUPS | 1 | | 87 | Address Book | 1 | | 88 | iMessage | 1 | | 89 | Accounts Framework | 1 | | 90 | Home & Lock Screen | 1 | | 91 | 802.1X | 1 | | 92 | Accessibility | 1 | | 93 | syslog | 1 | | 94 | Foundation | 1 | | 95 | Libnotify | 1 | | 96 | Assets | 1 | | 97 | Security - Code Signing | 1 | | 98 | Accounts | 1 | | 99 | CFPreferences | 1 | | 100 | AFP File Server | 1 | | 101 | CoreStorage | 1 | | 102 | fdesetup | 1 | | 103 | iCloud Find My Mac | 1 | | 104 | LoginWindow | 1 | | 105 | MCX Desktop Config Profiles | 1 | | 106 | NetFS Client Framework | 1 | | 107 | Mail Service | 1 | | 108 | House Arrest | 1 | | 109 | iCloud Data Access | 1 | | 110 | Keyboards | 1 | | 111 | Spotlight | 1 | | 112 | System Profiler About This Mac | 1 | | 113 | CFNetwork | 1 | | 114 | ntpd | 1 | | 115 | Git | 1 | ================================================ FILE: 2015/2015.json ================================================ [ { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff.", "id": "CVE-2009-5044", "impact": "Multiple issues in pdfroff", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "groff", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff.", "id": "CVE-2009-5078", "impact": "Multiple issues in pdfroff", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "groff", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Stefan Kanthak", "description": "A security issue existed in Microsoft Foundation Class's handling of library loading. This issue was addressed by updating to the latest version of the Microsoft Visual C++ Redistributable Package.", "id": "CVE-2010-3190", "impact": "Opening a media file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5" ], "credit": "", "description": "A race condition issue existed in the handling of IPv6 packets. This issue was addressed through improved lock state checking.", "id": "CVE-2011-2391", "impact": "A person with a privileged network position may cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@practicalswift", "description": "A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling.", "id": "CVE-2011-2895", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Vincent Danen", "description": "Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0.", "id": "CVE-2012-0876", "impact": "Multiple vulnerabilities in expat", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Kurt Seifried", "description": "Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0.", "id": "CVE-2012-1147", "impact": "Multiple vulnerabilities in expat", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Kurt Seifried", "description": "Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0.", "id": "CVE-2012-1148", "impact": "Multiple vulnerabilities in expat", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "", "description": "Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream.", "id": "CVE-2012-6151", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Net-SNMP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An integer overflow existed in the Security framework code for parsing S/MIME e-mail and some other signed or encrypted objects. This issue was addressed through improved validity checking.", "id": "CVE-2013-1741", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2013-1775", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2013-1776", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2013-2776", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2013-2777", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser", "description": "Multiple weaknesses existed in the generation of user space stack cookies. These issues were addressed through improved generation of stack cookies.", "id": "CVE-2013-3951", "impact": "A local attacker may control the value of stack cookies", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2013-5704", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2013-6438", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2013-6712", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.", "id": "CVE-2013-7040", "impact": "Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.", "id": "CVE-2013-7338", "impact": "Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling.", "id": "CVE-2013-7422", "impact": "Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "perl", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2014-0067", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2014-0098", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2014-0106", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2014-0117", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2014-0118", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of Google", "description": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.", "id": "CVE-2014-0191", "impact": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-0207", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2014-0226", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29", "id": "CVE-2014-0231", "impact": "Multiple vulnerabilities in Apache", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-0237", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-0238", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Steven Michaud of Mozilla working with Kent Howard", "description": "Due to the combination of an uninitialized variable and an application's custom allocator, non-secure text entry and mouse events may have been logged. This issue was addressed by ensuring that logging is off by default. This issue did not affect systems prior to OS X Yosemite.", "id": "CVE-2014-1595", "impact": "Some third-party applications with non-secure text entry and mouse events may log those events", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.", "id": "CVE-2014-1912", "impact": "Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-2497", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSH versions prior to 6.9. These issues were addressed by updating OpenSSH to version 6.9.", "id": "CVE-2014-2532", "impact": "Multiple vulnerabilities in OpenSSH", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "cloudfuzzer", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-3192", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204243", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3478", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3479", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3480", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3487", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in the node.js OpenSSL module prior to version 1.0.1j. These issues were addressed by updating openssl to version 1.0.1j.", "id": "CVE-2014-3513", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache Subversion, the most serious of which may have allowed an attacker with a privileged position to spoof SSL servers via a crafted certificate. These issues were addressed by updating Apache Subversion to version 1.7.19.", "id": "CVE-2014-3522", "impact": "Multiple vulnerabilities in Apache Subversion", "links": [ "https://support.apple.com/en-us/HT204427" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache Subversion, the most serious of which may have allowed an attacker with a privileged position to spoof SSL servers via a crafted certificate. These issues were addressed by updating Apache Subversion to version 1.7.19.", "id": "CVE-2014-3528", "impact": "Multiple vulnerabilities in Apache Subversion", "links": [ "https://support.apple.com/en-us/HT204427" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3538", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "", "description": "Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream.", "id": "CVE-2014-3565", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Net-SNMP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "OS X Yosemite v10.10 or later", "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in the node.js OpenSSL module prior to version 1.0.1j. These issues were addressed by updating openssl to version 1.0.1j.", "id": "CVE-2014-3566", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204201", "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in the node.js OpenSSL module prior to version 1.0.1j. These issues were addressed by updating openssl to version 1.0.1j.", "id": "CVE-2014-3567", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in the node.js OpenSSL module prior to version 1.0.1j. These issues were addressed by updating openssl to version 1.0.1j.", "id": "CVE-2014-3568", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2014-3569", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2014-3570", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2014-3571", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2014-3572", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache Subversion, the most serious of which may have allowed an attacker with a privileged position to spoof SSL servers via a crafted certificate. These issues were addressed by updating Apache Subversion to version 1.7.19.", "id": "CVE-2014-3580", "impact": "Multiple vulnerabilities in Apache Subversion", "links": [ "https://support.apple.com/en-us/HT204427" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2014-3581", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2014-3583", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3587", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3597", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2014-3613", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in procmail versions prior to 3.22. These issues were addressed by removing procmail.", "id": "CVE-2014-3618", "impact": "Multiple vulnerabilities in procmail", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "procmail", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2014-3620", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felix Groebert of Google", "description": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.", "id": "CVE-2014-3660", "impact": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3668", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3669", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3670", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2014-3707", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3710", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-3981", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-4049", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4371", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "cunzhang from Adlab of Venustech", "description": "An out-of-bounds write issue exited in the IOHIDFamily driver. The issue was addressed through improved input validation.", "id": "CVE-2014-4380", "impact": "A user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments.", "id": "CVE-2014-4389", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A heap buffer overflow existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4404", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved validation of IOHIDFamily key-mapping properties.", "id": "CVE-2014-4405", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4419", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4420", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Fermin J. Serna of the Google Security Team", "description": "Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.", "id": "CVE-2014-4421", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5" ], "credit": "Craig Young of Tripwire VERT", "description": "The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result.", "id": "CVE-2014-4426", "impact": "A remote attacker may be able to determine all the network addresses of the system", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "AFP Server", "rsr": "", "update": "" }, { "available": [ "Windows 8 and Windows 7" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4452", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.", "id": "CVE-2014-4455", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4459", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "A privacy issue existed where browsing data could remain in the cache after leaving private browsing. This issue was addressed through a change in caching behavior.", "id": "CVE-2014-4460", "impact": "Website cache may not be fully cleared after leaving private browsing", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CFNetwork Cache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "@PanguTeam", "description": "A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.", "id": "CVE-2014-4461", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Rennie deGraaf of iSEC Partners", "description": "An SVG loaded in an img element could load a CSS file cross-origin. This issue was addressed through enhanced blocking of external CSS references in SVGs.", "id": "CVE-2014-4465", "impact": "Style sheets are loaded cross-origin which may allow for data exfiltration", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4466", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jordan Milne", "description": "A UI spoofing issue existed in the handling of scrollbar boundaries. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4467", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT204245" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4468", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4469", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4470", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4471", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4472", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4473", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4474", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4475", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4476", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204243", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "lokihardt@ASRT working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4477", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204243", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2014-4479", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204243", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A vulnerability existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks.", "id": "CVE-2014-4480", "impact": "A maliciously crafted afc command may allow access to protected parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "AppleFileConduit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Felipe Andres Manzano of the Binamuse VRT, via the iSIGHT Partners GVP Program", "description": "An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4481", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4483", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Gaurav Baruah working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the handling of .dfont files. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4484", "impact": "Processing a maliciously crafted .dfont file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A buffer overflow existed in the XML parser. This issue was addressed through improved bounds checking.", "id": "CVE-2014-4485", "impact": "Viewing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference existed in IOAcceleratorFamily's handling of certain IOService userclient types. This issue was addressed through improved validation of IOAcceleratorFamily contexts.", "id": "CVE-2014-4486", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A buffer overflow existed in IOHIDFamily. This issue was addressed with improved bounds checking.", "id": "CVE-2014-4487", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A validation issue existed in IOHIDFamily's handling of resource queue metadata. This issue was addressed through improved validation of metadata.", "id": "CVE-2014-4488", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@beist", "description": "A null pointer dereference existed in IOHIDFamily's handling of event queues. This issue was addressed through improved validation of IOHIDFamily event queue initialization.", "id": "CVE-2014-4489", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam, Stefan Esser", "description": "An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them.", "id": "CVE-2014-4491", "impact": "Maliciously crafted or compromised applications may be able to determine addresses in the kernel", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple type confusion issues existed in networkd's handling of interprocess communication. By sending networkd a maliciously formatted message, it may have been possible to execute arbitrary code as the networkd process. The issue is addressed through additional type checking.", "id": "CVE-2014-4492", "impact": "A malicious, sandboxed app can compromise the networkd daemon", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "libnetcore", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Hui Xue and Tao Wei of FireEye, Inc.", "description": "A vulnerability existed in the application installation process. This was addressed by preventing enterprise applications from overriding existing applications in specific scenarios.", "id": "CVE-2014-4493", "impact": "A malicious enterprise-signed application may be able to take control of the local container for applications already on a device", "links": [ "https://support.apple.com/en-us/HT204245" ], "module": "MobileInstallation", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Song Jin, Hui Xue, and Tao Wei of FireEye, Inc.", "description": "An issue existed in determining when to prompt for trust when first opening an enterprise-signed application. This issue was addressed through improved code signature validation.", "id": "CVE-2014-4494", "impact": "Enterprise-signed applications may be launched without prompting for trust", "links": [ "https://support.apple.com/en-us/HT204245" ], "module": "Springboard", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Specifying a custom cache mode allowed writing to kernel read-only shared memory segments. This issue was addressed by not granting write permissions as a side-effect of some custom cache modes.", "id": "CVE-2014-4495", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection. This was addressed by disabling the mach_port_kobject interface in production configurations.", "id": "CVE-2014-4496", "impact": "Maliciously crafted or compromised applications may be able to determine addresses in the kernel", "links": [ "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246", "https://support.apple.com/en-us/HT204413" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "", "description": "An integer signedness error existed in IOBluetoothFamily which allowed manipulation of kernel memory. This issue was addressed through improved bounds checking. This issue does not affect OS X Yosemite systems.", "id": "CVE-2014-4497", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1, for: MacBook Pro Retina, MacBook Air (Mid 2013 and later), iMac (Late 2013 and later), Mac Pro (Late 2013)" ], "credit": "Trammell Hudson of Two Sigma Investments", "description": "Thunderbolt devices could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates.", "id": "CVE-2014-4498", "impact": "A malicious Thunderbolt device may be able to affect firmware flashing", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CPU Software", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Sten Petersen", "description": "An issue existed in the handling of App Store logs. The App Store process could log Apple ID credentials in the log when additional logging was enabled. This issue was addressed by disallowing logging of credentials.", "id": "CVE-2014-4499", "impact": "An attacker with access to a system may be able to recover Apple ID credentials", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CommerceKit Framework", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-4670", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-4698", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT", "description": "An issue existed with EFI argument handling. This was addressed by removing the affected functions.", "id": "CVE-2014-4860", "impact": "An attacker can exercise unused EFI functions", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "EFI", "rsr": "", "update": "June 30, 2017" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.", "id": "CVE-2014-5120", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "PHP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "The Kerberos libgssapi library returned a context token with a dangling pointer. This issue was addressed by improving state management.", "id": "CVE-2014-5352", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204245", "https://support.apple.com/en-us/HT204246" ], "module": "Kerberos", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57.", "id": "CVE-2014-6277", "impact": "Multiple vulnerabilities in bash", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205267" ], "module": "bash", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "Ilya Kantor", "description": "A comparison issue existed in the node.js send module prior to version 0.8.4. This issue was addressed by upgrading to version 0.12.3.", "id": "CVE-2014-6394", "impact": "An attacker may be able to access restricted parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.", "id": "CVE-2014-7185", "impact": "Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57.", "id": "CVE-2014-7186", "impact": "Multiple vulnerabilities in bash", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205267" ], "module": "bash", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57.", "id": "CVE-2014-7187", "impact": "Multiple vulnerabilities in bash", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT205267" ], "module": "bash", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization.", "id": "CVE-2014-7844", "impact": "A local user may be able to execute arbitrary shell commands", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "mail_cmds", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645.", "id": "CVE-2014-8080", "impact": "Multiple vulnerabilities in Ruby", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645.", "id": "CVE-2014-8090", "impact": "Multiple vulnerabilities in Ruby", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache Subversion, the most serious of which may have allowed an attacker with a privileged position to spoof SSL servers via a crafted certificate. These issues were addressed by updating Apache Subversion to version 1.7.19.", "id": "CVE-2014-8108", "impact": "Multiple vulnerabilities in Apache Subversion", "links": [ "https://support.apple.com/en-us/HT204427" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2014-8109", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4.", "id": "CVE-2014-8127", "impact": "Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4.", "id": "CVE-2014-8128", "impact": "Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4.", "id": "CVE-2014-8129", "impact": "Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. They were addressed by updating libtiff to version 4.0.4.", "id": "CVE-2014-8130", "impact": "Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple memory corruption issues existed in the handling of zip files. These issues were addressed through improved memory handling.", "id": "CVE-2014-8139", "impact": "Extracting a maliciously crafted zip file using the unzip tool may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple memory corruption issues existed in the handling of zip files. These issues were addressed through improved memory handling.", "id": "CVE-2014-8140", "impact": "Extracting a maliciously crafted zip file using the unzip tool may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple memory corruption issues existed in the handling of zip files. These issues were addressed through improved memory handling.", "id": "CVE-2014-8141", "impact": "Extracting a maliciously crafted zip file using the unzip tool may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marc Deslauriers", "description": "Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1.", "id": "CVE-2014-8146", "impact": "Multiple vulnerabilities in ICU", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205267" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marc Deslauriers", "description": "Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1.", "id": "CVE-2014-8147", "impact": "Multiple vulnerabilities in ICU", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205267" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2014-8150", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2014-8151", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2014-8161", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2014-8275", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7.", "id": "CVE-2014-8500", "impact": "Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "A command injection issue existed in the handling of HTTP redirects. This issue was addressed through improved validation of special characters.", "id": "CVE-2014-8517", "impact": "Using the command line ftp tool to fetch files from a malicious http server may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "lukemftp", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Adrian Chadd and Alfred Perlstein of Norse Corporation", "description": "A memory corruption issue existed in the fflush function. This issue was addressed through improved memory handling.", "id": "CVE-2014-8611", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3.", "id": "CVE-2014-8767", "impact": "Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3.", "id": "CVE-2014-8769", "impact": "Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Mike Myers, of Digital Operatives LLC", "description": "A memory corruption issue existed in the handling of PDF files. The issue was addressed through improved bounds checking. This issue does not affect OS X Yosemite systems.", "id": "CVE-2014-8816", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple type confusion issues existed in coresymbolicationd's handling of XPC messages. These issues were addressed through improved type checking.", "id": "CVE-2014-8817", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "CoreSymbolication", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple vulnerabilities existed in the Intel graphics driver, the most serious of which may have led to arbitrary code execution with system privileges. This update addresses the issues through additional bounds checks.", "id": "CVE-2014-8819", "impact": "Multiple vulnerabilities in Intel graphics driver", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple vulnerabilities existed in the Intel graphics driver, the most serious of which may have led to arbitrary code execution with system privileges. This update addresses the issues through additional bounds checks.", "id": "CVE-2014-8820", "impact": "Multiple vulnerabilities in Intel graphics driver", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple vulnerabilities existed in the Intel graphics driver, the most serious of which may have led to arbitrary code execution with system privileges. This update addresses the issues through additional bounds checks.", "id": "CVE-2014-8821", "impact": "Multiple vulnerabilities in Intel graphics driver", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Vitaliy Toropov working with HP's Zero Day Initiative", "description": "A bounds checking issue existed in a user client vended by the IOHIDFamily driver which allowed a malicious application to overwrite arbitrary portions of the kernel address space. The issue is addressed by removing the vulnerable user client method.", "id": "CVE-2014-8822", "impact": "Executing a malicious application may result in arbitrary code execution within the kernel", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory access issue existed in the handling of IOUSB controller user client functions. This issue was addressed through improved argument validation.", "id": "CVE-2014-8823", "impact": "A privileged application may be able to read arbitrary data from kernel memory", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "IOUSBFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "@PanguTeam", "description": "A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.", "id": "CVE-2014-8824", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Alex Radocea of CrowdStrike", "description": "Issues existed in identitysvc validation of the directory service resolving process, flag handling, and error handling. This issue was addressed through improved validation.", "id": "CVE-2014-8825", "impact": "A local attacker can spoof directory service responses to the kernel, elevate privileges, or gain kernel execution", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Hernan Ochoa of Amplia Security", "description": "An issue existed in the handling of application launches which allowed certain malicious JAR files to bypass Gatekeeper checks. This issue was addressed through improved handling of file type metadata.", "id": "CVE-2014-8826", "impact": "A malicious JAR file may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Xavier Bertels of Mono, and multiple OS X seed testers", "description": "An issue existed in the rendering of the lock screen. This issue was address through improved screen rendering while locked.", "id": "CVE-2014-8827", "impact": "A Mac may not lock immediately upon wake", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "LoginWindow", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Apple", "description": "A design issue existed in the caching of sandbox profiles which allowed sandboxed applications to gain write access to the cache. This issue was addressed by restricting write access to paths containing a \u201ccom.apple.sandbox\u201d segment. This issue does not affect OS X Yosemite v10.10 or later.", "id": "CVE-2014-8828", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5" ], "credit": "Jose Duart of the Google Security Team", "description": "Multiple out of bounds write issues existed in SceneKit. These issues were addressed through improved bounds checking.", "id": "CVE-2014-8829", "impact": "A malicious application could execute arbitrary code leading to compromise of user information", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1", "OS X Mountain Lion v10.8.5" ], "credit": "Jose Duart of Google Security Team", "description": "A heap buffer overflow existed in SceneKit's handling of Collada files. Viewing a maliciously crafted Collada file may have led to arbitrary code execution. This issue was addressed through improved validation of accessor elements.", "id": "CVE-2014-8830", "impact": "Viewing a maliciously crafted Collada file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204244", "https://support.apple.com/en-us/HT204659" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Apple", "description": "An access control issue existed in the Keychain. Applications signed with self-signed or Developer ID certificates could access keychain items whose access control lists were based on keychain groups. This issue was addressed by validating the signing identity when granting access to keychain groups.", "id": "CVE-2014-8831", "impact": "An app may access keychain items belonging to other apps", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "security_taskgate", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "F-Secure", "description": "An issue existed in Spotlight where memory contents may have been written to external hard drives when indexing. This issue was addressed with better memory management.", "id": "CVE-2014-8832", "impact": "Spotlight may save unexpected information to an external hard drive", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "David J Peacock, Independent Technology Consultant", "description": "A deserialization issue existed in Spotlight's handling of permission caches. A user performing a Spotlight query may have been shown search results referencing files for which they don't have sufficient privileges to read. This issue was addressed with improved bounds checking.", "id": "CVE-2014-8833", "impact": "Spotlight may display results for files not belonging to the user", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "SpotlightIndex", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Apple", "description": "OS X Yosemite v10.10 addressed an issue in the handling of password-protected PDF files created from the Print dialog where passwords may have been included in printing preference files. This update removes such extraneous information that may have been present in printing preference files.", "id": "CVE-2014-8834", "impact": "Printing-related preference files may contain sensitive information about PDF documents", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "UserAccountUpdater", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A type confusion vulnerability existed in sysmond that allowed a local application to escalate privileges. The issue was addressed with improved type checking.", "id": "CVE-2014-8835", "impact": "A malicious application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "sysmond", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An error existed in the Bluetooth driver that allowed a malicious application to control the size of a write to kernel memory. The issue was addressed through additional input validation.", "id": "CVE-2014-8836", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "Multiple security issues existed in the Bluetooth driver, allowing a malicious application to execute arbitrary code with system privilege. The issues were addressed through additional input validation.", "id": "CVE-2014-8837", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "Apple", "description": "An issue existed with how cached application certificate information was evaluated. This issue was addressed with cache logic improvements.", "id": "CVE-2014-8838", "impact": "A downloaded application signed with a revoked Developer ID certificate may pass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 and v10.10.1" ], "credit": "John Whitehead of The New York Times, Frode Moe of LastFriday.no", "description": "Spotlight did not check the status of Mail\u2019s \"Load remote content in messages\" setting. This issue was addressed by improving configuration checking.", "id": "CVE-2014-8839", "impact": "The sender of an email could determine the IP address of the recipient", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "lokihardt@ASRT working with HP's Zero Day Initiative", "description": "An issue existed in the handling of URLs redirected from Safari to the iTunes Store that could allow a malicious website to bypass Safari's sandbox restrictions. The issue was addressed with improved filtering of URLs opened by the iTunes Store.", "id": "CVE-2014-8840", "impact": "A website may be able to bypass sandbox restrictions using the iTunes Store", "links": [ "https://support.apple.com/en-us/HT204245" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3.", "id": "CVE-2014-9140", "impact": "Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 and v10.10.1" ], "credit": "", "description": "Multiple input validation issues existed in ntpd. These issues were addressed through improved data validation.", "id": "CVE-2014-9297", "impact": "Using the ntp daemon with cryptographic authentication enabled may lead to information leaks", "links": [ "https://support.apple.com/en-us/HT204244" ], "module": "ntpd", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "The config_auth function in ntpd generated a weak key when an authentication key was not configured. This issue was addressed by improved key generation.", "id": "CVE-2014-9298", "impact": "A remote attacker may brute force ntpd authentication keys", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.", "id": "CVE-2014-9365", "impact": "Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.4 or later" ], "credit": "Matt Mackall of Mercurial and Augie Fackler of Mercurial", "description": "The checks involved in disallowed paths did not account for case insensitivity or unicode characters. This issue was addressed by adding additional checks.", "id": "CVE-2014-9390", "impact": "Synching with a malicious git repository may allow unexpected files to be added to the .git folder", "links": [ "https://support.apple.com/en-us/HT204427" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2014-9425", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2014-9427", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2014-9652", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.", "id": "CVE-2014-9680", "impact": "Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2014-9705", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2014-9709", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers. These issues were addressed by updating OpenSSL to version 0.9.8zd.", "id": "CVE-2015-0204", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in OpenSSL 0.9.8zd which were addressed by updating OpenSSL to version 0.9.8zf.", "id": "CVE-2015-0209", "impact": "Multiple issues exist in OpenSSL, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2015-0228", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-0231", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-0232", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-0235", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205267", "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-0241", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-0242", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-0243", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-0244", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in svn versions prior to 1.7.19. These issues were addressed by updating svn to version 1.7.20.", "id": "CVE-2015-0248", "impact": "Multiple vulnerabilities existed in svn versions prior to 1.7.19", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in svn versions prior to 1.7.19. These issues were addressed by updating svn to version 1.7.20.", "id": "CVE-2015-0251", "impact": "Multiple vulnerabilities existed in svn versions prior to 1.7.19", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2015-0253", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-0273", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205267", "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-0286", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-0287", "impact": "Multiple vulnerabilities in OpenSSL", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in OpenSSL 0.9.8zd which were addressed by updating OpenSSL to version 0.9.8zf.", "id": "CVE-2015-0288", "impact": "Multiple issues exist in OpenSSL, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in OpenSSL 0.9.8zd which were addressed by updating OpenSSL to version 0.9.8zf.", "id": "CVE-2015-0289", "impact": "Multiple issues exist in OpenSSL, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in OpenSSL 0.9.8zd which were addressed by updating OpenSSL to version 0.9.8zf.", "id": "CVE-2015-0293", "impact": "Multiple issues exist in OpenSSL, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5", "OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A type confusion issue existed in IOSurface's handling of serialized objects. The issue was addressed through additional type checking.", "id": "CVE-2015-1061", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204413", "https://support.apple.com/en-us/HT204423", "https://support.apple.com/en-us/HT204426", "https://support.apple.com/en-us/HT204563" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed in the developer disk mounting logic which resulted in invalid disk image folders not being deleted. This was addressed through improved error handling.", "id": "CVE-2015-1062", "impact": "A malicious application may be able to create folders in trusted locations in the file system", "links": [ "https://support.apple.com/en-us/HT204423", "https://support.apple.com/en-us/HT204426" ], "module": "MobileStorageMounter", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Roman Digerberg, Sweden", "description": "A null pointer dereference issue existed in CoreTelephony's handling of Class 0 SMS messages. This issue was addressed through improved message validation.", "id": "CVE-2015-1063", "impact": "A remote attacker can cause a device to unexpectedly restart", "links": [ "https://support.apple.com/en-us/HT204423" ], "module": "CoreTelephony", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An unexpected application termination during activation could have caused the device to show the home screen. The issue was addressed through improved error handling during activation.", "id": "CVE-2015-1064", "impact": "A person with physical access to the device may be able to see the home screen of the device even if the device is not activated", "links": [ "https://support.apple.com/en-us/HT204423" ], "module": "Springboard", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andrey Belenko of NowSecure", "description": "Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.", "id": "CVE-2015-1065", "impact": "An attacker with a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT204423", "https://support.apple.com/en-us/HT204563" ], "module": "iCloud Keychain", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "An off by one issue existed in IOAcceleratorFamily. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1066", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204413" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of Prosecco at Inria Paris", "description": "Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites. This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys.", "id": "CVE-2015-1067", "impact": "An attacker with a privileged network position may intercept SSL/TLS connections", "links": [ "https://support.apple.com/en-us/HT204413", "https://support.apple.com/en-us/HT204423", "https://support.apple.com/en-us/HT204426", "https://support.apple.com/en-us/HT204870" ], "module": "Secure Transport", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1068", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "OS X Yosemite v10.10 to v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1069", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1070", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1071", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1072", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1073", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1074", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7" ], "credit": "Google Chrome Security team", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1075", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1076", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1077", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1078", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1079", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1080", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1081", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1082", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1083", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A user interface inconsistency existed in Safari that allowed an attacker to misrepresent the URL. This issue was addressed through improved user interface consistency checks.", "id": "CVE-2015-1084", "impact": "Inconsistent user interface may prevent users from discerning a phishing attack", "links": [ "https://support.apple.com/en-us/HT204560", "https://support.apple.com/en-us/HT204661" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Elias Limneos", "description": "iOS allowed access to an interface which allowed attempts to confirm the user's passcode. This issue was addressed with improved entitlement checking.", "id": "CVE-2015-1085", "impact": "A malicious application may be able to guess the user's passcode", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "AppleKeyStore", "rsr": "", "update": "May 17, 2017" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A validation issue existed in IOKit objects used by an audio driver. This issue was addressed through improved validation of metadata.", "id": "CVE-2015-1086", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "Audio Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed in the relative path evaluation logic of the backup system. This issues was addressed through improved path evaluation.", "id": "CVE-2015-1087", "impact": "An attacker may be able to use the backup system to access restricted areas of the file system", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Backup", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An input validation issue existed within URL processing. This issue was addressed through improved URL validation.", "id": "CVE-2015-1088", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661" ], "module": "CFURL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Niklas Keller (http://kelunik.com)", "description": "A cross-domain cookie issue existed in redirect handling. Cookies set in a redirect response could be passed on to a redirect target belonging to another origin. The issue was address through improved handling of redirects.", "id": "CVE-2015-1089", "impact": "Cookies belonging to one origin may be sent to another origin", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Clearing Safari's history did not clear saved HTTP Strict Transport Security state. The issue was addressed through improved data deletion.", "id": "CVE-2015-1090", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Diego Torres (http://dtorres.me)", "description": "A cross-domain HTTP request headers issue existed in redirect handling. HTTP request headers sent in a redirect response could be passed on to another origin. The issue was addressed through improved handling of redirects.", "id": "CVE-2015-1091", "impact": "Authentication credentials may be sent to a server on another origin", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661" ], "module": "CFNetwork Session", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ikuya Fukumoto", "description": "An XML External Entity issue existed in NSXMLParser's handling of XML. This issue was addressed by not loading external entities across origins.", "id": "CVE-2015-1092", "impact": "An application using NSXMLParser may be misused to disclose information", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marc Schoenefeld", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1093", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204870" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cererdlong of Alibaba Mobile Security Team", "description": "An issue existed in IOAcceleratorFamily that led to the disclosure of kernel memory content. This issue was addressed by removing unneeded code.", "id": "CVE-2015-1094", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andrew Church", "description": "A memory corruption issue existed in an IOHIDFamily API. This issue was addressed through improved memory handling.", "id": "CVE-2015-1095", "impact": "A malicious HID device may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "An issue existed in IOHIDFamily that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1096", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Barak Gabai of the IBM X-Force Application Security Research Team", "description": "An issue existed in MobileFrameBuffer that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1097", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "IOMobileFramebuffer", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Christopher Hickstein", "description": "A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling.", "id": "CVE-2015-1098", "impact": "Opening a maliciously crafted iWork file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661" ], "module": "iWork Viewer", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Mentovai of Google Inc.", "description": "A race condition existed in the kernel's setreuid system call. This issue was addressed through improved state management.", "id": "CVE-2015-1099", "impact": "A malicious application may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maxime Villard of m00nbsd", "description": "An out of bounds memory access issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-1100", "impact": "A malicious application may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "lokihardt@ASRT working with HP's Zero Day Initiative", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-1101", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab", "description": "A state inconsistency existed in the processing of TCP headers. This issue was addressed through improved state handling.", "id": "CVE-2015-1102", "impact": "An attacker with a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zimperium Mobile Security Labs", "description": "ICMP redirects were enabled by default. This issue was addressed by disabling ICMP redirects.", "id": "CVE-2015-1103", "impact": "An attacker with a privileged network position may be able to redirect user traffic to arbitrary hosts", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stephen Roettger of the Google Security Team", "description": "The system would treat some IPv6 packets from remote network interfaces as local packets. The issue was addressed by rejecting these packets.", "id": "CVE-2015-1104", "impact": "A remote attacker may be able to bypass network filters", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kenton Varda of Sandstorm.io", "description": "A state inconsistency issue existed in the handling of TCP out of band data. This issue was addressed through improved state management.", "id": "CVE-2015-1105", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jarrod Dwenger, Steve Favorito, Paul Reedy of ConocoPhillips, Pedro Tavares of Molecular Biophysics at UCIBIO/FCT/UNL, De Paul Sunny, Christian Still of Evolve Media, Canada", "description": "When using Bluetooth keyboards, QuickType could learn users' passcodes. This issue was addressed by preventing QuickType from being displayed on the lockscreen.", "id": "CVE-2015-1106", "impact": "QuickType could learn users' passcodes", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brent Erickson, Stuart Ryan of University of Technology, Sydney", "description": "In some circumstances, a device might not erase itself after failed passcode attempts. This issue was addressed through additional enforcement of erasure.", "id": "CVE-2015-1107", "impact": "An attacker in possession of a device may prevent erasing the device after failed passcode attempts", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.", "id": "CVE-2015-1108", "impact": "An attacker in possession of a device may exceed the maximum number of failed passcode attempts", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Josh Tway of IPVanish", "description": "An issue existed in the handling of VPN configuration logs. This issue was addressed by removing logging of credentials.", "id": "CVE-2015-1109", "impact": "An attacker in possession of a device may be able to recover VPN credentials", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alex Selivanov", "description": "When downloading assets for podcast a user was subscribed to, unique identifiers were sent to external servers. This issue was resolved by removing these identifiers.", "id": "CVE-2015-1110", "impact": "Unnecessary information may be sent to external servers when downloading podcast assets", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "Podcasts", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Frode Moe of LastFriday.no", "description": "Clearing Safari's history did not clear \"Recently closed tabs\". The issue was addressed through improved data deletion.", "id": "CVE-2015-1111", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "William Breuer, The Netherlands", "description": "A state management issue existed in Safari that resulted in users' browsing history not being purged from history.plist. This issue was addressed by improved state management.", "id": "CVE-2015-1112", "impact": "Users' browsing history may not be completely purged", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs, Markus Tro\u00dfbach of Heilbronn University", "description": "An information disclosure issue existed in the third-party app sandbox. This issue was addressed by improving the sandbox profile.", "id": "CVE-2015-1113", "impact": "A malicious application may be able to access phone numbers or email addresses of recent contacts", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An information disclosure issue existed in the third-party app sandbox. This issue was addressed by improving the sandbox profile.", "id": "CVE-2015-1114", "impact": "Hardware identifiers may be accessible by third-party apps", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs, Markus Tro\u00dfbach of Heilbronn University", "description": "An access control issue existed in the telephony subsystem. Sandboxed apps could access restricted telephony functions. This issue was addressed with improved entitlement checking.", "id": "CVE-2015-1115", "impact": "A malicious application may be able to access restricted telephony functions", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "The mobile app team at HP Security Voltage, Aaron Rogers of Mint.com, David Edwards of Tech4Tomorrow, David Zhang of Dropbox", "description": "An issue existed in UIKit, which did not blur application snapshots containing sensitive data in the Task Switcher. This issue was addressed by correctly blurring the snapshot.", "id": "CVE-2015-1116", "impact": "Sensitive data may be exposed in application snapshots presented in the Task Switcher", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "UIKit View", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Mentovai of Google Inc.", "description": "setreuid and setregid system calls failed to drop privileges permanently. This issue was addressed by correctly dropping privileges.", "id": "CVE-2015-1117", "impact": "A malicious application may escalate privileges using a compromised service intended to run with reduced privileges", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204870" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of FireEye, Inc.", "description": "A memory corruption issue existed in the handling of configuration profiles. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1118", "impact": "Processing a maliciously crafted configuration profile may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "libnetcore", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Renata Hodovan of University of Szeged / Samsung Electronics", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1119", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1120", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1121", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1122", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Randy Luecke and Anoop Menon of Google Inc.", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1123", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 3rd generation and later", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1124", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661", "https://support.apple.com/en-us/HT204662", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Phillip Moon and Matt Weston of www.sandfield.co.nz", "description": "An issue existed when handling touch events. A tap could propagate to another website. The issue was addressed through improved event handling.", "id": "CVE-2015-1125", "impact": "Visiting a maliciously crafted website may lead to a user invoking a click on another website", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jouko Pynnonen of Klikki Oy", "description": "The screen which reports an untrusted Wi-Fi certificate had only one button which trusted the certificate. A user who did not wish to use the Wi-Fi access point would have had to press the home or lock buttons to escape the screen. This issue was addressed by adding a visible 'Cancel' button.", "id": "CVE-2015-1126", "impact": "A user's password might be sent to an untrusted Wi-Fi access point", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT204661" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2" ], "credit": "Tyler C", "description": "A state management issue existed in Safari that inadvertently indexed users' browsing history when in private browsing mode. This issue was addressed by improved state management.", "id": "CVE-2015-1127", "impact": "Users' browsing history in private mode may be indexed", "links": [ "https://support.apple.com/en-us/HT204658" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2" ], "credit": "Joseph Winn of Credit Union Geek", "description": "Responding to push notification requests in private browsing mode revealed users' browsing history. This issue was addressed by disabling push notification prompts in private browsing mode.", "id": "CVE-2015-1128", "impact": "Notifications preferences may reveal users' browsing history in private browsing mode", "links": [ "https://support.apple.com/en-us/HT204658" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Kraus of fluid Operations AG, Sylvain Munaut of Whatever s.a.", "description": "An issue existed in Safari's client certificate matching for SSL authentication. This issue was addressed through improved matching of valid client certificates.", "id": "CVE-2015-1129", "impact": "Users may be tracked by malicious websites using client certificates", "links": [ "https://support.apple.com/en-us/HT204658", "https://support.apple.com/en-us/HT205212" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Emil Kvarnhammar at TrueSec", "description": "An issue existed when checking XPC entitlements. This issue was addressed with improved entitlement checking.", "id": "CVE-2015-1130", "impact": "A process may gain admin privileges without properly authenticating", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "The certificate trust policy was updated. View the", "id": "CVE-2015-1131", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "The certificate trust policy was updated. View the", "id": "CVE-2015-1132", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "The certificate trust policy was updated. View the", "id": "CVE-2015-1133", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "The certificate trust policy was updated. View the", "id": "CVE-2015-1134", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ian Beer of Google Project Zero", "description": "The certificate trust policy was updated. View the", "id": "CVE-2015-1135", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "A use-after-free issue existed in CoreAnimation. This issue was addressed through improved mutex management.", "id": "CVE-2015-1136", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Frank Graziano and John Villamil of the Yahoo Pentest Team", "description": "A NULL pointer dereference existed in NVIDIA graphics driver's handling of certain IOService userclient types. This issue was addressed through additional context validation.", "id": "CVE-2015-1137", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Izik Eidus and Alex Fishman", "description": "An input validation issue existed in the hypervisor framework. This issue was addressed through improved input validation.", "id": "CVE-2015-1138", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "A memory corruption issue existed in the handling of .sgi files. This issue was addressed through improved bounds checking.", "id": "CVE-2015-1139", "impact": "Processing a maliciously crafted .sgi file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "lokihardt@ASRT working with HP's Zero Day Initiative, Luca Todesco, Vitaliy Toropov working with HP's Zero Day Initiative (ZDI)", "description": "A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-1140", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ole Andre Vadla Ravnas of www.frida.re", "description": "An issue existed in the handling of virtual memory operations within the kernel. The issue is fixed through improved handling of the mach_vm_read operation.", "id": "CVE-2015-1141", "impact": "A local user may be able to cause unexpected system shutdown", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "An input validation issue existed in LaunchServices's handling of application localization data. This issue was addressed through improved validation of localization data.", "id": "CVE-2015-1142", "impact": "A local user may be able to cause the Finder to crash", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "A type confusion issue existed in LaunchServices's handling of localized strings. This issue was addressed through additional bounds checking.", "id": "CVE-2015-1143", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "A buffer overflow existed in the way Uniform Type Identifiers were handled. This issue was addressed with improved bounds checking.", "id": "CVE-2015-1144", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "UniformTypeIdentifiers", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Applications containing specially crafted bundles may have been able to launch without a completely valid signature. This issue was addressed by adding additional checks.", "id": "CVE-2015-1145", "impact": "Tampered applications may not be prevented from launching", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Security - Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "", "description": "Applications containing specially crafted bundles may have been able to launch without a completely valid signature. This issue was addressed by adding additional checks.", "id": "CVE-2015-1146", "impact": "Tampered applications may not be prevented from launching", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Security - Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "If an Open Directory client was bound to an OS X Server but did not install the certificates of the OS X Server, and then a user on that client changed their password, the password change request was sent over the network without encryption. This issue was addressed by having the client require encryption for this case.", "id": "CVE-2015-1147", "impact": "A password might be sent unencrypted over the network when using Open Directory from OS X Server", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Open Directory Client", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Apple", "description": "In some circumstances, Screen Sharing may log a user's password that is not readable by other users on the system. This issue was addressed by removing logging of credential.", "id": "CVE-2015-1148", "impact": "A user's password may be logged to a local file", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "Screen Sharing", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "", "description": "A integer overflow issue existed in the simulator that could lead to conversions returning unexpected values. This issue was addressed by using improved checks.", "id": "CVE-2015-1149", "impact": "Swift programs performing certain type conversions may receive unexpected values", "links": [ "https://support.apple.com/en-us/HT204663" ], "module": "Swift", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "Phil Schumm of the Research Computing Group, University of Chicago", "description": "An incorrect path was referenced in the firewall configuration files. This issue was addressed by correcting the path to point to the correct configuration file.", "id": "CVE-2015-1150", "impact": "Custom firewall rules may not be enforced", "links": [ "https://support.apple.com/en-us/HT204201" ], "module": "Firewall", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "", "description": "Access controls for the Activity and People wiki pages were not enforced on iPad clients. This issue was addressed by improving access control verification.", "id": "CVE-2015-1151", "impact": "Access controls may not be enforced on mobile devices", "links": [ "https://support.apple.com/en-us/HT204201" ], "module": "Wiki Server", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "Windows 7 and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-1152", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT204826", "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204949", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "Windows 7 and later", "Windows 8 and Windows 7", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-1153", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT204826", "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204949", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "Windows 8 and Windows 7" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-1154", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204826", "https://support.apple.com/en-us/HT204949" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Joe Vennix of Rapid7 Inc. working with HP's Zero Day Initiative", "description": "A state management issue existed in Safari that allowed unprivileged origins to access contents on the filesystem. This issue was addressed through improved state management.", "id": "CVE-2015-1155", "impact": "Visiting a maliciously crafted website may compromise user information on the filesystem", "links": [ "https://support.apple.com/en-us/HT204826", "https://support.apple.com/en-us/HT204941" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zachary Durber of Moodle", "description": "An issue existed in the handling of the rel attribute in anchor elements. Target objects could get unauthorized access to link objects. This issue was addressed through improved link type adherence.", "id": "CVE-2015-1156", "impact": "Visiting a malicious website by clicking a link may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT204826", "https://support.apple.com/en-us/HT204941" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-1157", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Neel Mehta of Google", "description": "A use after free issue existed in how CUPS handled IPP messages. This issue was addressed through improved reference counting.", "id": "CVE-2015-1158", "impact": "A local user may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2" ], "credit": "Neel Mehta of Google", "description": "A cross-site scripting issue existed in the CUPS web interface. This issue was addressed through improved output sanitization.", "id": "CVE-2015-1159", "impact": "In certain configurations, a remote attacker may be able to submit arbitrary print jobs", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Elisha Eshed, Roy Iarchy, and Yair Amit of Skycure Security Research", "description": "A NULL pointer dereference issue existed in the handling of X.509 certificates. This issue was addressed through improved input validation.", "id": "CVE-2015-1160", "impact": "Processing a maliciously crafted X.509 certificate may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT204659", "https://support.apple.com/en-us/HT204661" ], "module": "Secure Transport", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7.", "id": "CVE-2015-1349", "impact": "Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-1351", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-1352", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ryan Tandy", "description": "Multiple input validation issues existed in OpenLDAP. These issues were addressed by improved input validation.", "id": "CVE-2015-1545", "impact": "A remote unauthenticated client may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.2" ], "credit": "Ryan Tandy", "description": "Multiple input validation issues existed in OpenLDAP. These issues were addressed by improved input validation.", "id": "CVE-2015-1546", "impact": "A remote unauthenticated client may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT204659" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-1788", "impact": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-1789", "impact": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-1790", "impact": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-1791", "impact": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.", "id": "CVE-2015-1792", "impact": "Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in the authentication of ntp packets being received by configured end-points. These issues were addressed through improved connection state management.", "id": "CVE-2015-1798", "impact": "An attacker in a privileged position may be able to perform a denial of service attack against two ntp clients", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "", "description": "Multiple issues existed in the authentication of ntp packets being received by configured end-points. These issues were addressed through improved connection state management.", "id": "CVE-2015-1799", "impact": "An attacker in a privileged position may be able to perform a denial of service attack against two ntp clients", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645.", "id": "CVE-2015-1855", "impact": "Multiple vulnerabilities in Ruby", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2301", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2305", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2331", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2348", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2783", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-2787", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2015-3143", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2015-3144", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2015-3145", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2015-3148", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.", "id": "CVE-2015-3153", "impact": "Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-3165", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-3166", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9.", "id": "CVE-2015-3167", "impact": "Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "PostgreSQL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2015-3183", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.4 or later", "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16.", "id": "CVE-2015-3185", "impact": "Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205217", "https://support.apple.com/en-us/HT205219" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-3307", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-3329", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27.", "id": "CVE-2015-3330", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205267" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2.", "id": "CVE-2015-3414", "impact": "Multiple vulnerabilities in SQLite v3.8.5", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2.", "id": "CVE-2015-3415", "impact": "Multiple vulnerabilities in SQLite v3.8.5", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2.", "id": "CVE-2015-3416", "impact": "Multiple vulnerabilities in SQLite v3.8.5", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brad Hill of Facebook", "description": "An issue existed where Safari would preserve the Origin request header for cross-origin redirects, allowing malicious websites to circumvent CSRF protections. This issue was addressed through improved handling of redirects.", "id": "CVE-2015-3658", "impact": "Visiting a maliciously crafted website may lead to account account takeover", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204950" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "An insufficient comparison issue existed in SQLite authorizer which allowed invocation of arbitrary SQL functions. This issue was addressed with improved authorization checks.", "id": "CVE-2015-3659", "impact": "Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204950" ], "module": "WebKit Storage", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3" ], "credit": "Apple", "description": "An issue existed with PDF-embedded links which could execute JavaScript in a hosting webpage's context. This issue was addressed by restricting the support for JavaScript links.", "id": "CVE-2015-3660", "impact": "Clicking a maliciously crafted link in a PDF embedded in a webpage may lead to cookie theft or user information leakage", "links": [ "https://support.apple.com/en-us/HT204950" ], "module": "WebKit PDF", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "G. Geshev working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3661", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "kdot working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3662", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "kdot working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3663", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Andrea Micalizzi (rgod) working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3664", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "WanderingGlitch of HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3665", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "Steven Seeley of Source Incite working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3666", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3667", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and Windows Vista" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3668", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "kdot working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3669", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204947" ], "module": "QT Media Foundation", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Emil Kvarnhammar at TrueSec", "description": "An issue existed when checking XPC entitlements. This issue was addressed through improved entitlement checking.", "id": "CVE-2015-3671", "impact": "A process may gain admin privileges without proper authentication", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Emil Kvarnhammar at TrueSec", "description": "An issue existed in the handling of user authentication. This issue was addressed through improved error checking.", "id": "CVE-2015-3672", "impact": "A non-admin user may obtain admin rights", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Patrick Wardle of Synack, Emil Kvarnhammar at TrueSec", "description": "Directory Utility was able to be moved and modified to achieve code execution within an entitled process. This issue was addressed by limiting the disk location that writeconfig clients may be executed from.", "id": "CVE-2015-3673", "impact": "An attacker may abuse Directory Utility to gain root privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Dean Jerkovich of NCC Group", "description": "A memory corruption issue existed in the AFP server. This issue was addressed through improved memory handling.", "id": "CVE-2015-3674", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "afpserver", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Apple", "description": "The default Apache configuration did not include mod_hfs_apple. If Apache was manually enabled and the configuration was not changed, some files that should not be accessible might have been accessible using a specially crafted URL. This issue was addressed by enabling mod_hfs_apple.", "id": "CVE-2015-3675", "impact": "An attacker may be able to access directories that are protected with HTTP authentication without knowing the correct credentials", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Chen Liang of KEEN Team", "description": "An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking.", "id": "CVE-2015-3676", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "an anonymous researcher working with HP's Zero Day Initiative", "description": "An issue existed in LZVN compression that could have led to the disclosure of kernel memory content. This issue was addressed through improved memory handling.", "id": "CVE-2015-3677", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "AppleFSCompression", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Apple", "description": "A memory corruption issue existed in the handling of certain Thunderbolt commands from local processes. This issue was addressed through improved memory handling.", "id": "CVE-2015-3678", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "AppleThunderboltEDMService", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Pawel Wylecial working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in handling of certain fonts. These issues were addressed through improved memory handling.", "id": "CVE-2015-3679", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Pawel Wylecial working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in handling of certain fonts. These issues were addressed through improved memory handling.", "id": "CVE-2015-3680", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in handling of certain fonts. These issues were addressed through improved memory handling.", "id": "CVE-2015-3681", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "\u9b4f\u8bfa\u5fb7", "description": "Multiple memory corruption issues existed in handling of certain fonts. These issues were addressed through improved memory handling.", "id": "CVE-2015-3682", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling.", "id": "CVE-2015-3683", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in handling of certain URL credentials. This issue was addressed through improved memory handling.", "id": "CVE-2015-3684", "impact": "Following a maliciously crafted URL may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "CFNetwork HTTPAuthentication", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-3685", "impact": "Processing a maliciously crafted text file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-3686", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-3687", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-3688", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-3689", "impact": "Processing a maliciously crafted text file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "An information disclosure issue existed in the processing of disk images. This issue was addressed through improved memory management.", "id": "CVE-2015-3690", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "DiskImages", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "An issue existed in the Monitor Control Command Set kernel extension by which a userland process could control the value of a function pointer within the kernel. The issue was addressed by removing the affected interface.", "id": "CVE-2015-3691", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Display Drivers", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vila\u00e7a", "description": "An insufficient locking issue existed with EFI flash when resuming from sleep states. This issue was addressed through improved locking.", "id": "CVE-2015-3692", "impact": "A malicious application with root privileges may be able to modify EFI flash memory", "links": [ "https://support.apple.com/en-us/HT204934", "https://support.apple.com/en-us/HT204942" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5", "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014)", "description": "A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates.", "id": "CVE-2015-3693", "impact": "A malicious application may induce memory corruption to escalate privileges", "links": [ "https://support.apple.com/en-us/HT204934", "https://support.apple.com/en-us/HT204942" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-3694", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3695", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3696", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3697", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3698", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3699", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3700", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3701", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "KEEN Team", "description": "Multiple buffer overflow issues existed in the Intel graphics driver. These were addressed through additional bounds checks.", "id": "CVE-2015-3702", "impact": "Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of .tiff files. This issue was addressed through improved bounds checking.", "id": "CVE-2015-3703", "impact": "Processing a maliciously crafted .tiff file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Several issues existed in how Install.framework's 'runner' setuid binary dropped privileges. This was addressed by properly dropping privileges.", "id": "CVE-2015-3704", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Install Framework Legacy", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "KEEN Team", "description": "Multiple memory corruption issues existed in IOAcceleratorFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-3705", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "KEEN Team", "description": "Multiple memory corruption issues existed in IOAcceleratorFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-3706", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "Multiple null pointer dereference issues existed in the FireWire driver. These issues were addressed through improved error checking.", "id": "CVE-2015-3707", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "kextd followed symbolic links while creating a new file. This issue was addressed through improved handling of symbolic links.", "id": "CVE-2015-3708", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A time-of-check time-of-use (TOCTOU) race condition condition existed while validating the paths of kernel extensions. This issue was addressed through improved checks to validate the path of the kernel extensions.", "id": "CVE-2015-3709", "impact": "A local user may be able to load unsigned kernel extensions", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Aaron Sigel of vtty.com, Jan Sou\u010dek", "description": "An issue existed in the support for HTML email which allowed message content to be refreshed with an arbitrary webpage. The issue was addressed through restricted support for HTML content.", "id": "CVE-2015-3710", "impact": "A maliciously crafted email can replace the message content with an arbitrary webpage when the message is viewed", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "An issue existed in NTFS that could have led to the disclosure of kernel memory content. This issue was addressed through improved memory handling.", "id": "CVE-2015-3711", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "ntfs", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Ian Beer of Google Project Zero", "description": "An out of bounds write issue existed in NVIDIA graphics driver. This issue was addressed through improved bounds checking.", "id": "CVE-2015-3712", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3713", "impact": "Processing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Joshua Pitts of Leviathan Security Group", "description": "Apps using custom resource rules may have been susceptible to tampering that would not have invalidated the signature. This issue was addressed with improved resource validation.", "id": "CVE-2015-3714", "impact": "Tampered applications may not be prevented from launching", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Patrick Wardle of Synack", "description": "An issue existed where code signing did not verify libraries loaded outside the application bundle. This issue was addressed with improved bundle verification.", "id": "CVE-2015-3715", "impact": "A malicious application may be able to bypass code signing checks", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3" ], "credit": "Apple", "description": "A command injection vulnerability existed in the handling of filenames of photos added to the local photo library. This issue was addressed through improved input validation.", "id": "CVE-2015-3716", "impact": "Searching for a malicious file with Spotlight may lead to command injection", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "Multiple buffer overflows existed in SQLite's printf implementation. These issues were addressed through improved bounds checking.", "id": "CVE-2015-3717", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "A type confusion issue existed in systemstatsd's handling of interprocess communication. By sending a maliciously formatted message to systemstatsd, it may have been possible to execute arbitrary code as the systemstatsd process. The issue was addressed through additional type checking.", "id": "CVE-2015-3718", "impact": "A malicious app may be able to compromise systemstatsd", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "System Stats", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-3719", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "TrueTypeScaler", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3" ], "credit": "Stefan Esser", "description": "A memory management issue existed in the handling of APIs related to kernel extensions which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management.", "id": "CVE-2015-3720", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204942" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory management issue existed in the handling of HFS parameters which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management.", "id": "CVE-2015-3721", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from FireEye, Inc.", "description": "An issue existed in the install logic for universal provisioning profile apps, which allowed a collision to occur with existing bundle IDs. This issue was addressed through improved collision checking.", "id": "CVE-2015-3722", "impact": "A malicious universal provisioning profile app may prevent apps from launching", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "Application Store", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "chaithanya (SegFault) working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in the handling of ICC profiles. These issues were addressed through improved memory handling.", "id": "CVE-2015-3723", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "WanderingGlitch of HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in the handling of ICC profiles. These issues were addressed through improved memory handling.", "id": "CVE-2015-3724", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei from FireEye, Inc.", "description": "An issue existed in the install logic for universal provisioning profile apps on the Watch which allowed a collision to occur with existing bundle IDs. This issue was addressed through improved collision checking.", "id": "CVE-2015-3725", "impact": "A malicious universal provisioning profile app can prevent a Watch app from launching", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "MobileInstallation", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Matt Spisak of Endgame", "description": "Multiple input validation issues existed in the parsing of SIM/UIM payloads. These issues were addressed through improved payload validation.", "id": "CVE-2015-3726", "impact": "Maliciously crafted SIM cards may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "An issue existed in the authorization checks for renaming WebSQL tables. This could have allowed a maliciously crafted website to access databases belonging to other websites. The issue was addressed with improved authorization checks.", "id": "CVE-2015-3727", "impact": "A maliciously crafted website can access the WebSQL databases of other websites", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204950" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brian W. Gray of Carnegie Mellon University, Craig Young from TripWire", "description": "An insufficient comparison issue existed in Wi-Fi manager's evaluation of known access point advertisements. This issue was addressed through improved matching of security parameters.", "id": "CVE-2015-3728", "impact": "iOS devices may auto-associate with untrusted access points advertising a known ESSID but with a downgraded security type", "links": [ "https://support.apple.com/en-us/HT204941" ], "module": "Wi-Fi Connectivity", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Code Audit Labs of VulnHunt.com", "description": "A malicious website could open another site and prompt for user input without a way for the user to tell where the prompt originated. The issue was addressed by displaying the prompt's origin to the user.", "id": "CVE-2015-3729", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3730", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3731", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3732", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3733", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3734", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3735", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3736", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3737", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3738", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3739", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3740", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3741", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3742", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3743", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3744", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3745", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3746", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3747", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3748", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-3749", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "An issue existed where Content Security Policy report requests would not honor HTTP Strict Transport Security (HSTS). The issue was addressed by applying HSTS to CSP.", "id": "CVE-2015-3750", "impact": "A malicious website can trigger plaintext requests to an origin under HTTP Strict Transport Security", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "An issue existed where websites with video controls would load images nested in object elements in violation of the website's Content Security Policy directive. This issue was addressed through improved Content Security Policy enforcement.", "id": "CVE-2015-3751", "impact": "Image loading may violate a website's Content Security Policy directive", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "Two issues existed in how cookies were added to Content Security Policy report requests. Cookies were sent in cross-origin report requests in violation of the standard. Cookies set during regular browsing were sent in private browsing. These issues were addressed through improved cookie handling.", "id": "CVE-2015-3752", "impact": "Content Security Policy report requests may leak cookies", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Antonio Sanso and Damien Antipa of Adobe", "description": "Images fetched through URLs that redirected to a data:image resource could have been exfiltrated cross-origin. This issue was addressed through improved canvas taint tracking.", "id": "CVE-2015-3753", "impact": "A malicious website may exfiltrate image data cross-origin", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4" ], "credit": "Dongsung Kim (@kid1ng)", "description": "An issue existed in caching of HTTP authentication. Credentials entered in private browsing mode were carried over to regular browsing which would reveal parts of the user's private browsing history. This issue was addressed through improved caching restrictions.", "id": "CVE-2015-3754", "impact": "Cached authentication state may reveal private browsing history", "links": [ "https://support.apple.com/en-us/HT205033" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "xisigr of Tencent's Xuanwu Lab", "description": "Navigating to a malformed URL may have allowed a malicious website to display an arbitrary URL. This issue was addressed through improved URL handling.", "id": "CVE-2015-3755", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205033" ], "module": "Web", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andy Grant of NCC Group", "description": "Under certain circumstances, the device may have presented a certificate trust dialog while in a locked state. This issue was addressed through improved state management.", "id": "CVE-2015-3756", "impact": "An attacker with a privileged network position may be able to accept untrusted certificates from the lock screen", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Certificate UI", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Mark S C Smith", "description": "An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks.", "id": "CVE-2015-3757", "impact": "Applications that rely on system time may have unexpected behavior", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Date & Time pref pane", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brian Simmons of Salesforce, Guillaume Ross", "description": "An issue existed in the parsing of FaceTime URLs within WebViews. This issue was addressed through improved URL validation.", "id": "CVE-2015-3758", "impact": "A malicious application may be able to initiate FaceTime calls without user authorization", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "UIKit WebView", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cererdlong of Alibaba Mobile Security Team", "description": "A symbolic link issue was addressed through improved path validation.", "id": "CVE-2015-3759", "impact": "A local user may be able to modify protected parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Location Framework", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "beist of grayhash, Stefan Esser", "description": "A path validation issue existed in dyld. This was addressed through improved environment sanitization.", "id": "CVE-2015-3760", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "beist of grayish", "description": "A path validation issue existed. This was addressed through improved environment sanitization.", "id": "CVE-2015-3761", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Xiaoyong Wu of the Evernote Security Team", "description": "An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing.", "id": "CVE-2015-3762", "impact": "Parsing a maliciously crafted text file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Text Formats", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An issue existed where a malicious or hacked website could show infinite alert messages and make users believe their browser was locked. The issue was addressed through throttling of JavaScript alerts.", "id": "CVE-2015-3763", "impact": "A malicious website may trigger an infinite number of alert messages", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Jonathan Zdziarski", "description": "An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users.", "id": "CVE-2015-3764", "impact": "A malicious application may be able to access all notifications previously displayed to users", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Notification Center OSX", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "Joe Burnett of Audio Poison", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3765", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "QuickTime 7", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cererdlong of Alibaba Mobile Security Team, @PanguTeam", "description": "An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface.", "id": "CVE-2015-3766", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "beist of grayhash", "description": "A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.", "id": "CVE-2015-3767", "impact": "Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "udf", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ilja van Sprundel", "description": "An access issue existed with certain debugging mechanisms. This issue was addressed by adding additional validation checks.", "id": "CVE-2015-3768", "impact": "A malicious application may be able to bypass background execution restrictions", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation.", "id": "CVE-2015-3769", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation.", "id": "CVE-2015-3770", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation.", "id": "CVE-2015-3771", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation.", "id": "CVE-2015-3772", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling.", "id": "CVE-2015-3773", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "SMBClient", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team", "description": "An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS.", "id": "CVE-2015-3774", "impact": "An attacker with a privileged network position may be able to intercept users' Dictionary app queries", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Dictionary Application", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "[Eldon Ahrold]", "description": "An issue existed in handling of user authentication. This issue was addressed through improved authentication checks.", "id": "CVE-2015-3775", "impact": "A standard user may be able to gain access to admin privileges without proper authentication", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany", "description": "A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling.", "id": "CVE-2015-3776", "impact": "Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "mitp0sh of [PDX]", "description": "Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking.", "id": "CVE-2015-3777", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)", "description": "Upon connecting to a Wi-Fi network, MAC addresses of previously accessed networks may have been broadcast. This issue was addressed by broadcasting only MAC addresses associated with the current SSID.", "id": "CVE-2015-3778", "impact": "An attacker may be able to determine Wi-Fi networks a device has previously accessed", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "bootp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Teddy Reed of Facebook Security", "description": "A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling.", "id": "CVE-2015-3779", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management.", "id": "CVE-2015-3780", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Andrew Pouliot of Facebook, Anto Loyola of Qubole", "description": "An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript.", "id": "CVE-2015-3781", "impact": "Searching for a previously viewed website may launch the web browser and render that website", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Deepkanwal Plaha of University of Toronto", "description": "A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling.", "id": "CVE-2015-3782", "impact": "A malicious application may be able to access the iCloud user record of a previously signed in user", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "CloudKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "Haris Andrianakis of Google Security Team", "description": "A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling.", "id": "CVE-2015-3783", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "OS X Yosemite v10.10.4 or later, iOS 8.4 or later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Bruno Morisson of INTEGRITY S.A.", "description": "Multiple input validation issues existed in parsing a maliciously crafted document. These issues were addressed through improved input validation.", "id": "CVE-2015-3784", "impact": "Opening a maliciously crafted document may lead to compromise of user information", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205373" ], "module": "Keynote, Pages, and Numbers", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Dan Bastone of Gotham Digital Science", "description": "An issue existed in the authorization checks for placing phone calls. This issue was addressed through improved authorization checks.", "id": "CVE-2015-3785", "impact": "A local attacker can place phone calls without the user's knowledge when using Continuity", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Xiaolong Bai (Tsinghua University), Luyi Xing (System Security Lab of Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)", "description": "An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service.", "id": "CVE-2015-3786", "impact": "A malicious app may be able to access notifications from other iCloud devices", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "moony li of Trend Micro", "description": "An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation.", "id": "CVE-2015-3787", "impact": "An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packets", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3788", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3789", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3790", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3791", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-3792", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Weinlein of the Appthority Mobility Threat Team", "description": "An issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.", "id": "CVE-2015-3793", "impact": "A malicious app may be able to read other apps' managed preferences", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "CFPreferences", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Adam Greenbaum of Refinitive", "description": "A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling.", "id": "CVE-2015-3794", "impact": "Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Speech UI", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mathew Rowley", "description": "A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking.", "id": "CVE-2015-3795", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3796", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3797", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3798", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "an anonymous researcher working with HP's Zero Day Initiative", "description": "In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management.", "id": "CVE-2015-3799", "impact": "A malicious application may be able change the password of a local user", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Apple ID OD Plug-in", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Frank Graziano of the Yahoo Pentest Team", "description": "A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.", "id": "CVE-2015-3800", "impact": "Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "DiskImages", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Erling Ellingsen of Facebook", "description": "WebKit would accept multiple cookies to be set in the document.cookie API. This issue was addressed through improved parsing.", "id": "CVE-2015-3801", "impact": "An attacker may be able to create unintended cookies for a website", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.", "id": "CVE-2015-3802", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files.", "id": "CVE-2015-3803", "impact": "A specially crafted executable file could allow unsigned, malicious code to execute", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-3804", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.", "id": "CVE-2015-3805", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation.", "id": "CVE-2015-3806", "impact": "A malicious application may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michal Zalewski", "description": "A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling.", "id": "CVE-2015-3807", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "The weakdh team at weakdh.org, Hanno Boeck", "description": "coreTLS accepted short ephemeral Diffie-Hellman (DH) keys, as used in export-strength ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits.", "id": "CVE-2015-4000", "impact": "An attacker with a privileged network position may intercept SSL/TLS connections", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "coreTLS", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4021", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4022", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4024", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4025", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4026", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4147", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.", "id": "CVE-2015-4148", "impact": "Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5" ], "credit": "Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT", "description": "An issue existed with EFI argument handling. This was addressed by removing the affected functions.", "id": "CVE-2015-4860", "impact": "An attacker can exercise unused EFI functions", "links": [ "https://support.apple.com/en-us/HT205317" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "", "description": "Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8.", "id": "CVE-2015-5333", "impact": "Multiple vulnerabilities in LibreSSL", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "", "description": "Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8.", "id": "CVE-2015-5334", "impact": "Multiple vulnerabilities in LibreSSL", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "An assertion issue existed in the handling of TKEY packets. This issue was addressed by updating BIND to version 9.9.7-P2.", "id": "CVE-2015-5477", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205032" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fernando Mu\u00f1oz of NULLGroup.com", "description": "Multiple memory corruption issues existed in tidy. These issues were addressed through improved memory handling.", "id": "CVE-2015-5522", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "tidy", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Fernando Mu\u00f1oz of NULLGroup.com", "description": "Multiple memory corruption issues existed in tidy. These issues were addressed through improved memory handling.", "id": "CVE-2015-5523", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "tidy", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "", "description": "An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation.", "id": "CVE-2015-5600", "impact": "Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacks", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.1 or later" ], "credit": "Hanno B\u00f6ck from the Fuzzing Project", "description": "Multiple vulnerabilities existed in BIND versions prior to 9.9.7-P3, one of which may have allowed a remote attacker to cause a denial of service. These issues were addressed by updating BIND to version 9.9.7-P3.", "id": "CVE-2015-5722", "impact": "Multiple vulnerabilities in BIND", "links": [ "https://support.apple.com/en-us/HT205376" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "evad3rs, TaiG Jailbreak Team", "description": "An issue existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks.", "id": "CVE-2015-5746", "impact": "A maliciously crafted afc command may allow access to protected parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "AppleFileConduit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "The Brainy Code Scanner (m00nbsd)", "description": "A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling.", "id": "CVE-2015-5747", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maxime Villard of m00nbsd", "description": "An issue existed in HFS drive mounting. This was addressed by additional validation checks.", "id": "CVE-2015-5748", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Weinlein of the Appthority Mobility Threat Team", "description": "An issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.", "id": "CVE-2015-5749", "impact": "An malicious app may be able to read other apps' managed preferences", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Sandbox_profiles", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "M1x7e1 of Safeye Team (www.safeye.org)", "description": "Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling.", "id": "CVE-2015-5750", "impact": "Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Data Detectors Engine", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "WalkerFuz", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-5751", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.", "id": "CVE-2015-5752", "impact": "A malicious application may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Backup", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-5753", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "QuickTime 7", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking.", "id": "CVE-2015-5754", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Install Framework Legacy", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-5755", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5756", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360", "description": "A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking.", "id": "CVE-2015-5757", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "libpthread", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of .tiff files. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5758", "impact": "Processing a maliciously crafted .tiff file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Phillip Moon and Matt Weston of Sandfield", "description": "An issue existed in how synthetic clicks are generated from tap events that could cause clicks to target other pages. The issue was addressed through restricted click propagation.", "id": "CVE-2015-5759", "impact": "A malicious website can make a tap event produce a synthetic click on another page", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-5761", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michael Santos", "description": "The screen which reports an untrusted Wi-Fi certificate had only one button which trusted the certificate. A user who did not wish to use the Wi-Fi access point would have had to press the home or lock buttons to escape the screen. This issue was addressed by adding a visible 'Cancel' button.", "id": "CVE-2015-5762", "impact": "A user's password might be sent to an untrusted Wi-Fi access point", "links": [ "https://support.apple.com/en-us/HT204661" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Roberto Paleari and Aristide Fattori of Emaze Networks", "description": "A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling.", "id": "CVE-2015-5763", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "ntfs", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Antonio Sanso (@asanso) of Adobe", "description": "Multiple user interface inconsistencies may have allowed a malicious website to display an arbitrary URL. These issues were addressed through improved URL display logic.", "id": "CVE-2015-5764", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ron Masas", "description": "Multiple user interface inconsistencies may have allowed a malicious website to display an arbitrary URL. These issues were addressed through improved URL display logic.", "id": "CVE-2015-5765", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A path traversal issue existed in asset handling. This was addressed with improved validation.", "id": "CVE-2015-5766", "impact": "AirTraffic may have allowed access to protected parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Air Traffic", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Krystian Kloskowski via Secunia, Masato Kinugawa", "description": "Multiple user interface inconsistencies may have allowed a malicious website to display an arbitrary URL. These issues were addressed through improved URL display logic.", "id": "CVE-2015-5767", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "JieTao Yang of KeenTeam", "description": "An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5768", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2015-5769", "impact": "Viewing a malicious video may lead to a unexpected system termination", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "MSVDX Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Yulong Zhang, and Tao Wei of FireEye, Inc", "description": "An issue existed in the install logic for universal provisioning profile apps, which allowed a collision to occur with existing bundle IDs. This issue was addressed through improved bundle ID validation.", "id": "CVE-2015-5770", "impact": "A malicious enterprise application may be able to replace extensions for other apps", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "MobileInstallation", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4" ], "credit": "Apple", "description": "A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling.", "id": "CVE-2015-5771", "impact": "Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Quartz Composer Framework", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Apple", "description": "A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation.", "id": "CVE-2015-5772", "impact": "Viewing a maliciously crafted Collada file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in parsing of office documents. This issue was addressed through improved memory handling.", "id": "CVE-2015-5773", "impact": "Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "QL Office", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "TaiG Jailbreak Team", "description": "A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-5774", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5775", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in handling AF_INET6 sockets. This issue was addressed by improved memory handling.", "id": "CVE-2015-5776", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in CoreMedia Playback. This issue was addressed through improved memory handling.", "id": "CVE-2015-5777", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in CoreMedia Playback. This issue was addressed through improved memory handling.", "id": "CVE-2015-5778", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4", "Windows 7 and Windows Vista" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-5779", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205031", "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11" ], "credit": "Ben Toms of macmule.com", "description": "A validated, user-installed Safari extension could be replaced on disk without prompting the user. This issue was addressed by improved validation of extensions.", "id": "CVE-2015-5780", "impact": "Safari extensions may be replaced on disk", "links": [ "https://support.apple.com/en-us/HT205265" ], "module": "Safari Extensions", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michal Zalewski", "description": "An uninitialized memory access issue existed in ImageIO's handling of PNG images. Visiting a malicious website may result in sending data from process memory to the website. This issue was addressed through improved memory initialization and additional validation of PNG images.", "id": "CVE-2015-5781", "impact": "Visiting a maliciously crafted website may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michal Zalewski", "description": "An uninitialized memory access issue existed in ImageIO's handling of TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of TIFF images.", "id": "CVE-2015-5782", "impact": "Visiting a maliciously crafted website may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT205030", "https://support.apple.com/en-us/HT205031" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ilja van Sprundel", "description": "A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation.", "id": "CVE-2015-5783", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.4" ], "credit": "Ian Beer of Google Project Zero", "description": "An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management.", "id": "CVE-2015-5784", "impact": "A malicious application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT205031" ], "module": "Install Framework Legacy", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-5785", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-5786", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205046" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alessandro Reina, Mattia Pagnozzi and Stefano Bianchi Mazzone of FireEye", "description": "An access issue existed with certain debugging mechanisms. This issue was addressed by adding additional validation checks.", "id": "CVE-2015-5787", "impact": "A malicious application may be able to bypass background execution restrictions", "links": [ "https://support.apple.com/en-us/HT205030" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A race condition existed in validation of image origins. This issue was addressed by improved validation of resource origins.", "id": "CVE-2015-5788", "impact": "Partially loaded images may exfiltrate data across origins", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5789", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5790", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5791", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5792", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5793", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5794", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5795", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5796", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5797", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5798", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5799", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5800", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5801", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5802", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5803", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5804", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5805", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5806", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5807", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later" ], "credit": "Joe Vennix", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5808", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5809", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5810", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5811", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5812", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5813", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5814", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5815", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5816", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5817", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5818", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5819", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Guillaume Ross, Andrei Neculaesei", "description": "An issue existed in handling of tel://, facetime://, and facetime-audio:// URLs. This issue was addressed through improved URL handling.", "id": "CVE-2015-5820", "impact": "Visiting a malicious website may lead to unintended dialing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5821", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark S. Miller of Google", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5822", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5823", "impact": "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Timothy J. Wood of The Omni Group", "description": "A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation.", "id": "CVE-2015-5824", "impact": "An attacker with a privileged network position may intercept SSL/TLS connections", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork SSL", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Yossi Oren et al. of Columbia University's Network Security Lab", "description": "WebKit's Performance API could have allowed a malicious website to leak browsing history, network activity, and mouse movements by measuring time. This issue was addressed by limiting time resolution.", "id": "CVE-2015-5825", "impact": "The Performance API may allow a malicious website to leak browsing history, network activity, and mouse movements", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "filedescriptior, Chris Evans", "description": "Safari allowed cross-origin stylesheets to be loaded with non-CSS MIME types which could be used for cross-origin data exfiltration. This issue was addressed by limiting MIME types for cross-origin stylesheets.", "id": "CVE-2015-5826", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit CSS", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Gildas", "description": "An object leak issue broke the isolation boundary between origins. This issue was addressed through improved isolation between origins.", "id": "CVE-2015-5827", "impact": "Object references may be leaked between isolated origins on custom events, message events and pop state events", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205265" ], "module": "WebKit JavaScript Bindings", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11" ], "credit": "Lorenzo Fontana", "description": "The Safari plugins API did not communicate to plugins that a server-side redirect had happened. This could lead to unauthorized requests. This issue was addressed through improved API support.", "id": "CVE-2015-5828", "impact": "Safari plugins may send an HTTP request without knowing the request was redirected", "links": [ "https://support.apple.com/en-us/HT205265" ], "module": "WebKit Plug-ins", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "M1x7e1 of Safeye Team (www.safeye.org)", "description": "Memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-5829", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "Data Detectors Engine", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Yuki MIZUNO (@mzyy94)", "description": "Multiple memory corruption issues existed in the Intel Graphics Driver. These issues were addressed through improved memory handling.", "id": "CVE-2015-5830", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maxime Villard of m00nbsd", "description": "An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through improved memory initialization.", "id": "CVE-2015-5831", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kasif Dekel from Check Point Software Technologies", "description": "An issue existed in keychain deletion. This issue was addressed through improved account cleanup.", "id": "CVE-2015-5832", "impact": "AppleID credentials may persist in the keychain after sign out", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Carlos Moreira, Rainer Dorau of rainer dorau informationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni Vaahtera, and Jon Hall of Asynchrony", "description": "An issue existed with captured display locking. The issue was addressed through improved lock handling.", "id": "CVE-2015-5833", "impact": "The screen lock may not engage after the specified time period", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cererdlong of Alibaba Mobile Security Team", "description": "An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5834", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University", "description": "An issue existed that allowed a malicious app to intercept URL scheme communication between apps. This was mitigated by displaying a dialog when a URL scheme is used for the first time.", "id": "CVE-2015-5835", "impact": "A malicious app may be able to intercept communication between apps", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University", "description": "An issue existed in validation of access control lists for iCloud keychain items. This issue was addressed through improved access control list checks.", "id": "CVE-2015-5836", "impact": "A malicious application may gain access to a user's keychain items", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Apple Online Store Kit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.", "description": "An issue existed in the validation of extensions during installation. This was addressed through improved app verification.", "id": "CVE-2015-5837", "impact": "A malicious enterprise application can install extensions before the application has been trusted", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "PluginKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S. Lui", "description": "An access issue existed with privileged API calls. This issue was addressed through additional restrictions.", "id": "CVE-2015-5838", "impact": "A malicious application may be able to spoof another application's dialog windows", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "SpringBoard", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "@PanguTeam", "description": "An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5839", "impact": "An application may be able to bypass code signing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines.", "id": "CVE-2015-5840", "impact": "Processing malicious data may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "removefile", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Xiaofeng Zheng of Blue Lotus Team, Tsinghua University", "description": "An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response.", "id": "CVE-2015-5841", "impact": "Connecting to a malicious web proxy may set malicious cookies for a website", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "beist of grayhash", "description": "An issue existed that led to the disclosure of kernel memory layout. This was addressed through improved initialization of kernel memory structures.", "id": "CVE-2015-5842", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A memory corruption issue existed in IOMobileFrameBuffer. This issue was addressed through improved memory handling.", "id": "CVE-2015-5843", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5844", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5845", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5846", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella, Luca Todesco", "description": "A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling.", "id": "CVE-2015-5847", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Filippo Bigarella", "description": "A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-5848", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Jack Lawrence (@_jackhl)", "description": "An issue existed with Apple Event filtering that allowed some users to send events to other users. This was addressed by improved Apple Event handling.", "id": "CVE-2015-5849", "impact": "A user connected through screen sharing can send Apple Events to a local user's session", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "AppleEvents", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "An issue existed in resetting failed passcode attempts with a backup of the iOS device. This was addressed through improved passcode failure logic.", "id": "CVE-2015-5850", "impact": "A local attacker may be able to reset failed passcode attempts with an iOS backup", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "AppleKeyStore", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alban Diquet (@nabla_c0d3) of Data Theorem", "description": "An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption.", "id": "CVE-2015-5851", "impact": "A local attacker may be able to observe unprotected multipeer data", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "Multipeer Connectivity", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "an anonymous researcher", "description": "An issue existed in the processing of eSCL packets. This issue was addressed through improved validation checks.", "id": "CVE-2015-5853", "impact": "An attacker with a privileged network position may be able to extract payload from eSCL packets sent over a secure connection", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "AirScan", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Jonas Magazinius of Assured AB", "description": "An issue existed in backups by the Time Machine framework. This issue was addressed through improved coverage of Time Machine backups.", "id": "CVE-2015-5854", "impact": "A local attacker may gain access to keychain items", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nasser Alnasser", "description": "An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions.", "id": "CVE-2015-5855", "impact": "A malicious Game Center application may be able to access a player's email address", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.", "description": "An issue existed with installation through ITMS links. This was addressed through additional installation verification.", "id": "CVE-2015-5856", "impact": "Clicking a malicious ITMS link may lead to a denial of service in an enterprise-signed application", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Application Store", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Emre Saglam of salesforce.com", "description": "An issue existed in the handling of the sender's address. This issue was addressed through improved validation.", "id": "CVE-2015-5857", "impact": "An attacker can send an email that appears to come from a contact in the recipient's address book", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Xiaofeng Zheng of Blue Lotus Team, Tsinghua University", "description": "A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing.", "id": "CVE-2015-5858", "impact": "A maliciously crafted URL may be able to bypass HSTS and leak sensitive data", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork HTTPProtocol", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Rosario Giustolisi of University of Luxembourg", "description": "An issue existed in the handling of HSTS preload list entries in Safari private browsing mode. This issue was addressed through improved state handling.", "id": "CVE-2015-5859", "impact": "An attacker with a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork HTTPProtocol", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sam Greenhalgh of RadicalResearch Ltd", "description": "An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling.", "id": "CVE-2015-5860", "impact": "A malicious website may be able to track users in Safari private browsing mode", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork HTTPProtocol", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Daniel Miedema of Meridian Apps", "description": "A lock screen issue allowed users to reply to audio messages when message previews were disabled. This issue was addressed through improved state management.", "id": "CVE-2015-5861", "impact": "A person with physical access to an iOS device can reply to an audio message from the lock screen when message previews from the lock screen are disabled", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "SpringBoard", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea", "description": "A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling.", "id": "CVE-2015-5862", "impact": "Playing a malicious audio file may lead to an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5863", "impact": "A local attacker may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "IOStorageFamily", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Luca Todesco", "description": "An issue existed in IOAudioFamily that led to the disclosure of kernel memory content. This issue was addressed by permuting kernel pointers.", "id": "CVE-2015-5864", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOAudioFamily", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Luca Todesco", "description": "An issue existed in IOGraphics which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management.", "id": "CVE-2015-5865", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-5866", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "moony li of Trend Micro", "description": "Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-5867", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Cererdlong of Alibaba Mobile Security Team", "description": "Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5868", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Dennis Spindel Ljungmark", "description": "An insufficient validation issue existed in the handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit.", "id": "CVE-2015-5869", "impact": "An attacker in a local LAN segment may disable IPv6 routing", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Apple", "description": "An issue existed in debugging interfaces that led to the disclosure of memory content. This issue was addressed by sanitizing output from debugging interfaces.", "id": "CVE-2015-5870", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5871", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5872", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5873", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5874", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205267" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "xisigr of Tencent's Xuanwu LAB (www.tencent.com)", "description": "A cross-site scripting issue existed in parsing text by the Notes application. This issue was addressed through improved input validation.", "id": "CVE-2015-5875", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "beist of grayhash", "description": "A memory corruption issue existed in dyld. This was addressed through improved memory handling.", "id": "CVE-2015-5876", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Camillus Gerard Cai", "description": "Multiple memory corruption issues existed in the Intel Graphics Driver. These issues were addressed through improved memory handling.", "id": "CVE-2015-5877", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Craig Young of Tripwire VERT, an anonymous researcher", "description": "An issue existed in parsing links in the Notes application. This issue was addressed through improved input validation.", "id": "CVE-2015-5878", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jonathan Looney", "description": "An issue existed in xnu's validation of TCP packet headers. This issue was addressed through improved TCP packet header validation.", "id": "CVE-2015-5879", "impact": "An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin Gao, Yingjiu Li of School of Information Systems Singapore Management University, Feng Bao and Jianying Zhou of Cryptography and Security Department Institute for Infocomm Research", "description": "Applications could access the screen framebuffer while they were in the background. This issue was addressed with improved access control on IOSurfaces.", "id": "CVE-2015-5880", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Apple", "description": "launchd had no limit on the number of processes that could be started by a network connection. This issue was addressed by limiting the number of SSH processes to 40.", "id": "CVE-2015-5881", "impact": "Many SSH connections could cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Pedro Vila\u00e7a, working from original research by Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin", "description": "An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through additional entitlement checks.", "id": "CVE-2015-5882", "impact": "A local process can modify other processes without entitlement checks", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Lukas Schauer (@lukas2511)", "description": "Terminal did not handle bidirectional override characters in the same way when displaying text and when selecting text. This issue was addressed by suppressing bidirectional override characters in Terminal.", "id": "CVE-2015-5883", "impact": "Maliciously crafted text could mislead the user in Terminal", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Terminal", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "John McCombs of Integrated Mapping Ltd", "description": "An issue existed in handling encryption parameters for large email attachments sent via Mail Drop. The issue is addressed by no longer offering Mail Drop when sending an encrypted e-mail.", "id": "CVE-2015-5884", "impact": "An attacker in a privileged network position may be able to intercept attachments of S/MIME-encrypted e-mail sent via Mail Drop", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Xiaofeng Zheng of Blue Lotus Team, Tsinghua University", "description": "A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation.", "id": "CVE-2015-5885", "impact": "An attacker in a privileged network position can track a user's activity", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork Cookies", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of INRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of Microsoft Research, Pierre-Yves Strub of IMDEA Software Institute", "description": "Secure Transport accepted the CertificateRequest message before the ServerKeyExchange message. This issue was addressed by requiring the ServerKeyExchange first.", "id": "CVE-2015-5887", "impact": "A remote server may prompt for a certificate before identifying itself", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Apple", "description": "A restriction issue existed in the Install private framework containing a privileged executable. This issue was addressed by removing the executable.", "id": "CVE-2015-5888", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Install Framework Legacy", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Philip Pettersson", "description": "An issue existed in the usage of environment variables by the rsh binary. This issue was addressed by dropping setuid privileges from the rsh binary.", "id": "CVE-2015-5889", "impact": "A local user may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "remote_cmds", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5890", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5891", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Robert S Mozayeni, Joshua Donvito", "description": "When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking.", "id": "CVE-2015-5892", "impact": "A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Ilja van Sprundel of IOActive", "description": "An issue existed in SMBClient that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5893", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Hannes Oud of kWallet GmbH", "description": "The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag.", "id": "CVE-2015-5894", "impact": "A trust evaluation configured to require revocation checking may succeed even if revocation checking fails", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maxime Villard of m00nbsd", "description": "Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5896", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Dan Bastone of Gotham Digital Science", "description": "An issue existed in Address Book framework's handling of an environment variable. This issue was addressed through improved environment variable handling.", "id": "CVE-2015-5897", "impact": "A local attacker may be able to inject arbitrary code to processes loading the Address Book framework", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Address Book", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs", "description": "Cache data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the cache data with a key protected by the hardware UID and the user's passcode.", "id": "CVE-2015-5898", "impact": "A person with physical access to an iOS device may read cache data from Apple apps", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-5899", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "libpthread", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Xeno Kovah & Corey Kallenberg from LegbaCore", "description": "An issue existed with the addresses covered by the protected range register. This issue was fixed by changing the protected range.", "id": "CVE-2015-5900", "impact": "A malicious application can prevent some systems from booting", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Apple", "description": "An issue existed in guaranteeing secure deletion of Trash files on some systems, such as those with flash storage. This issue was addressed by removing the \"Secure Empty Trash\" option.", "id": "CVE-2015-5901", "impact": "The \"Secure Empty Trash\" feature may not securely delete files placed in the Trash", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Sergi Alvarez (pancake) of NowSecure Research Team", "description": "A state management issue existed in debugging functionality. This issue was addressed through improved validation.", "id": "CVE-2015-5902", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5903", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205267" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Erling Ellingsen of Facebook, \u0141ukasz Pilorz", "description": "An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling.", "id": "CVE-2015-5904", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Keita Haga of keitahaga.com", "description": "Navigating to a malicious website with a malformed window opener may have allowed the display of arbitrary URLs. This issue was addressed through improved handling of window openers.", "id": "CVE-2015-5905", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Louis Romero of Google Inc.", "description": "An issue existed in WebKit's handling of password input context. This issue was addressed through improved input context handling.", "id": "CVE-2015-5906", "impact": "QuickType may learn the last character of a password in a filled-in web form", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Yaoqi Jia of National University of Singapore (NUS)", "description": "An issue existed in the handling of resource caches on sites with invalid certificates. The issue was addressed by rejecting the application cache of domains with invalid certificates.", "id": "CVE-2015-5907", "impact": "An attacker in a privileged network position may be able to redirect to a malicious domain", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "Daniel Tomlinson of Rocket Apps, David Gatwood of Anchorfree", "description": "An access issue existed in the handling of repository email lists. This issue was addressed through improved validation.", "id": "CVE-2015-5909", "impact": "Build notifications may be sent to unintended recipients", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later" ], "credit": "an anonymous researcher", "description": "Connections to Xcode Server may have been made without encryption. This issue was addressed through improved network connection logic.", "id": "CVE-2015-5910", "impact": "An attacker with a privileged network position may be able to inspect traffic to Xcode Server", "links": [ "https://support.apple.com/en-us/HT205217" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "Zachary Jones of WhiteHat Security Threat Research Center", "description": "Multiple XML vulnerabilities existed in Wiki Server based on Twisted. This issue was addressed by removing Twisted.", "id": "CVE-2015-5911", "impact": "Multiple XML security issues in Wiki Server", "links": [ "https://support.apple.com/en-us/HT205219" ], "module": "Wiki Server", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Amit Klein", "description": "An issue existed in the handling of FTP packets when using the PASV command. This issue was resolved through improved validation.", "id": "CVE-2015-5912", "impact": "Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205267" ], "module": "CFNetwork FTPProtocol", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Tarun Chopra of Microsoft Corporation, U.S. and Yu Fan of Microsoft Corporation, China", "description": "An authentication issue existed in Kerberos credentials. This issue was addressed through additional validation of credentials using a list of recently seen credentials.", "id": "CVE-2015-5913", "impact": "An attacker may be able to replay Kerberos credentials to the SMB server", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Trammell Hudson of Two Sigma Investments and snare", "description": "Apple Ethernet Thunderbolt adapters could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates.", "id": "CVE-2015-5914", "impact": "A malicious Apple Ethernet Thunderbolt adapter may be able to affect firmware flashing", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Peter Walz of University of Minnesota, David Ephron, Eric E. Lawrence, Apple", "description": "A state management issue existed in the way keychain lock status was tracked. This issue was addressed through improved state management.", "id": "CVE-2015-5915", "impact": "The lock state of the keychain may be incorrectly displayed to the user", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "iPhone 6 and iPhone 6 Plus" ], "credit": "", "description": "The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. This update additionally addresses the issue for Apple Watches manufactured with watchOS 2.", "id": "CVE-2015-5916", "impact": "Some cards may allow a terminal to retrieve limited recent transaction information when making a payment", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205378" ], "module": "Apple Pay", "rsr": "", "update": "" }, { "available": [ "Mac OS X v10.6.8 and later" ], "credit": "Maksymilian Arciemowicz of cxsecurity.com", "description": "A glob-processing issue existed in tnftpd. This issue was addressed through improved glob validation.", "id": "CVE-2015-5917", "impact": "A remote attacker may be able to deny service to the FTP server", "links": [ "https://support.apple.com/en-us/HT205267" ], "module": "lukemftpd", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5918", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205213" ], "module": "GasGauge", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-5919", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205213" ], "module": "GasGauge", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Cylance", "description": "A redirection issue existed in the handling of certain network connections. This issue was addressed through improved resource validation.", "id": "CVE-2015-5920", "impact": "An attacker in a privileged network position may be able to obtain encrypted SMB credentials", "links": [ "https://support.apple.com/en-us/HT205221" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mickey Shkatov of the Intel(r) Advanced Threat Research Team, Daoyuan Wu of Singapore Management University, Rocky K. C. Chang of Hong Kong Polytechnic University, \u0141ukasz Pilorz, superhei of www.knownsec.com", "description": "An issue existed with Content-Disposition headers containing type attachment. This issue was addressed by disallowing some functionality for type attachment pages.", "id": "CVE-2015-5921", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, and Apple Watch Edition", "Mac OS X v10.6.8 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Brand of Google Project Zero", "description": "Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1.", "id": "CVE-2015-5922", "impact": "Multiple vulnerabilities in ICU", "links": [ "https://support.apple.com/en-us/HT205212", "https://support.apple.com/en-us/HT205213", "https://support.apple.com/en-us/HT205221", "https://support.apple.com/en-us/HT205267" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2015-5923", "impact": "A person with physical access to an iOS device may be able to access photos and contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT205284" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in OpenGL. This issue was addressed through improved memory handling.", "id": "CVE-2015-5924", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling.", "id": "CVE-2015-5925", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling.", "id": "CVE-2015-5926", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-5927", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5928", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5929", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5930", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-5931", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5" ], "credit": "Luca Todesco (@qwertyoruiop), Filippo Bigarella", "description": "A type confusion issue existed in the validation of Mach tasks. This issue was addressed through improved Mach task validation.", "id": "CVE-2015-5932", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling.", "id": "CVE-2015-5933", "impact": "Playing a malicious audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling.", "id": "CVE-2015-5934", "impact": "Playing a malicious audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.", "id": "CVE-2015-5935", "impact": "Processing a maliciously crafted image file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.", "id": "CVE-2015-5936", "impact": "Processing a maliciously crafted image file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.", "id": "CVE-2015-5937", "impact": "Processing a maliciously crafted image file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.", "id": "CVE-2015-5938", "impact": "Processing a maliciously crafted image file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.", "id": "CVE-2015-5939", "impact": "Processing a maliciously crafted image file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the Accelerate Framework in multi-threading mode. This issue was addressed through improved accessor element validation and improved object locking.", "id": "CVE-2015-5940", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "Accelerate Framework", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-5942", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "", "description": "A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks for keychain access windows.", "id": "CVE-2015-5943", "impact": "A malicious application can programmatically control keychain access prompts", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "SecurityAgent", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-5944", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Rich Trouton (@rtrouton), Howard Hughes Medical Institute, Apple", "description": "An input validation issue existed when handling NVRAM parameters. This issue was addressed through improved validation.", "id": "CVE-2015-5945", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.1 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in BIND versions prior to 9.9.7-P3, one of which may have allowed a remote attacker to cause a denial of service. These issues were addressed by updating BIND to version 9.9.7-P3.", "id": "CVE-2015-5986", "impact": "Multiple vulnerabilities in BIND", "links": [ "https://support.apple.com/en-us/HT205376" ], "module": "BIND", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Moritz Jodeit of Blue Frost Security GmbH", "description": "A privilege separation issue existed in PAM support. This issue was addressed with improved authorization checks.", "id": "CVE-2015-6563", "impact": "A local user may be able to conduct impersonation attacks", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-6834", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-6835", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-6836", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-6837", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.", "id": "CVE-2015-6838", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "", "description": "An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation.", "id": "CVE-2015-6908", "impact": "A remote unauthenticated client may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Luca Todesco (@qwertyoruiop)", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-6974", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan 10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-6975", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205375" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6976", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6977", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in the processing of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6978", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205641" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "PanguTeam", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-6979", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205641" ], "module": "GasGauge", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Michael of Westside Community Schools", "description": "An authentication issue existed during the establishment of new sessions. This issue was addressed through improved authorization checks.", "id": "CVE-2015-6980", "impact": "A local user may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Directory Utility", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-6981", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-6982", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "David Benjamin, Greg Kerr, Mark Mentovai and Sergey Ulanov from the Chrome Team", "description": "A double free issue existed in the handling of AtomicBufferedFile descriptors. This issue was addressed through improved validation of AtomicBufferedFile descriptors.", "id": "CVE-2015-6983", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Christopher Crone of Infinit, Jonathan Schleifer", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.", "id": "CVE-2015-6984", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in ATS. This issue was addressed through improved memory handling.", "id": "CVE-2015-6985", "impact": "Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A type confusion issue existed in AppleVXD393. This issue was addressed through improved memory handling.", "id": "CVE-2015-6986", "impact": "Executing a malicious application may result in arbitrary code execution within the kernel", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Luca Todesco (@qwertyoruiop)", "description": "An input validation issue existed in parsing bookmark metadata. This issue was addressed through improved validation checks.", "id": "CVE-2015-6987", "impact": "Browsing to a folder with malformed bookmarks may cause unexpected application termination", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "The Brainy Code Scanner (m00nbsd)", "description": "An uninitialized memory issue existed in the kernel. This issue was addressed through improved memory initialization.", "id": "CVE-2015-6988", "impact": "An attacker with a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Yosemite v10.10.5 and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling.", "id": "CVE-2015-6989", "impact": "Processing a maliciously crafted package may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "Grand Central Dispatch", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6990", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6991", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-6992", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205375" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-6993", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Mentovai of Google Inc.", "description": "An issue existed when reusing virtual memory. This issue was addressed through improved validation.", "id": "CVE-2015-6994", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.", "id": "CVE-2015-6995", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-6996", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag.", "id": "CVE-2015-6997", "impact": "A trust evaluation configured to require revocation checking may succeed even if revocation checking fails", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205641" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A validation issue existed in the OCSP client. This issue was addressed by checking the OCSP certificate's expiration time.", "id": "CVE-2015-6999", "impact": "An attacker may be able to make a revoked certificate appear valid", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "William Redwood of Hampton School", "description": "When \"Show on Lock Screen\" was turned off for Phone or Messages, configuration changes were not immediately applied. This issue was addressed through improved state management.", "id": "CVE-2015-7000", "impact": "Phone and Messages notifications may appear on the lock screen even when disabled", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt", "description": "An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox.", "id": "CVE-2015-7001", "impact": "A malicious application may maintain access to Contacts after having access revoked", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205641" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7002", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Mark Brand of Google Project Zero", "description": "An uninitialized memory issue existed in coreaudiod. This issue was addressed through improved memory initialization.", "id": "CVE-2015-7003", "impact": "A malicious application may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sergi Alvarez (pancake) of NowSecure Research Team", "description": "An input validation issue existed in the kernel. This issue was addressed through improved input validation.", "id": "CVE-2015-7004", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7005", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mark Dowd of Azimuth Security", "description": "A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata.", "id": "CVE-2015-7006", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "Bom", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Joe Vennix", "description": "In some circumstances, Script Editor did not ask for user confirmation before executing AppleScripts. This issue was addressed by prompting for user confirmation before executing AppleScripts.", "id": "CVE-2015-7007", "impact": "An attacker may trick a user into running arbitrary AppleScript", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Script Editor", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7008", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7009", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7010", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7011", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7012", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7013", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.1", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7014", "impact": "A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205377" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "PanguTeam", "description": "A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.", "id": "CVE-2015-7015", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "configd", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan 10.11" ], "credit": "Apple", "description": "An entitlement validation issue existed in Managed Configuration. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. This issue was addressed through improved provisioning profile validation.", "id": "CVE-2015-7016", "impact": "A developer-signed executable may acquire restricted entitlements", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "MCX Application Restrictions", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling.", "id": "CVE-2015-7017", "impact": "Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205372", "https://support.apple.com/en-us/HT205375" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7018", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7019", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Moony Li of Trend Micro", "description": "Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7020", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11" ], "credit": "Moony Li of Trend Micro", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2015-7021", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andreas Kurtz of NESO Security Labs", "description": "An issue existed in the authorization checks for querying phone call status. This issue was addressed through additional authorization state queries.", "id": "CVE-2015-7022", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT205370" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marvin Scholz and Michael Lutonsky; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC", "description": "A parsing issue existed when handling cookies with different letter casing. This issue was addressed through improved parsing.", "id": "CVE-2015-7023", "impact": "Visiting a maliciously crafted website may lead to cookies being overwritten", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11" ], "credit": "Patrick Wardle of Synack", "description": "Certain Apple-signed executables loaded applications from relative locations. This was addressed through additional checks in Gatekeeper.", "id": "CVE-2015-7024", "impact": "An Apple-signed binary could be used to load arbitrary files", "links": [ "https://support.apple.com/en-us/HT205375" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "an anonymous researcher", "description": "A type conversion issue existed that could lead to conversions returning unexpected values. This issue was addressed through improved type checking.", "id": "CVE-2015-7030", "impact": "Swift programs performing certain type conversions may receive unexpected values", "links": [ "https://support.apple.com/en-us/HT205379" ], "module": "Swift", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.1 or later" ], "credit": "an anonymous researcher", "description": "An HTTP header field reference was missing from the configuration files. This issue was addressed by adding the HTTP header field reference to the configuration file.", "id": "CVE-2015-7031", "impact": "A remote attacker may be able to bypass access restrictions", "links": [ "https://support.apple.com/en-us/HT205376" ], "module": "Web Service", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later, iOS 8.4 or later" ], "credit": "Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)", "description": "Multiple input validation issues existed in parsing a maliciously crafted document. These issues were addressed through improved input validation.", "id": "CVE-2015-7032", "impact": "Opening a maliciously crafted document may lead to compromise of user information", "links": [ "https://support.apple.com/en-us/HT205373" ], "module": "Keynote, Pages, and Numbers", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later, iOS 8.4 or later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A memory corruption issue existed in parsing a maliciously crafted document. This issue was addressed through improved memory handling.", "id": "CVE-2015-7033", "impact": "Opening a maliciously crafted document may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205373" ], "module": "Keynote, Pages, and Numbers", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.4 or later, iOS 8.4 or later" ], "credit": "Felix Groebert of the Google Security Team", "description": "A memory corruption issue existed in parsing a maliciously crafted Pages document. This issue was addressed through improved memory handling.", "id": "CVE-2015-7034", "impact": "Opening a maliciously crafted Pages document may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205373" ], "module": "Pages", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 to v10.10.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Rutenbar working with HP's Zero Day Initiative", "description": "An API issue existed in SQLite functionality. This was addressed through improved restrictions.", "id": "CVE-2015-7036", "impact": "A maliciously crafted SQL command may allow unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT204941", "https://support.apple.com/en-us/HT204942" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "PanguTeam", "description": "A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization.", "id": "CVE-2015-7037", "impact": "An attacker may be able to use the backup system to access restricted areas of the file system", "links": [ "https://support.apple.com/en-us/HT205635" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brian D. Wells of E. W. Scripps, Narayan Subramanian of Symantec Corporation/Veritas LLC", "description": "Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7038", "impact": "Processing a maliciously crafted package may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "libc", "rsr": "", "update": "March 3, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maksymilian Arciemowicz (CXSECURITY.COM)", "description": "Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7039", "impact": "Processing a maliciously crafted package may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "libc", "rsr": "", "update": "March 3, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2015-7040", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2015-7041", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2015-7042", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tarjei Mandt (@kernelpool)", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2015-7043", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "MacDefender", "description": "A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks.", "id": "CVE-2015-7044", "impact": "A malicious application with root privileges may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "System Integrity Protection", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi-Min Hu of Tsinghua University, and Xinhui Han of Peking University", "description": "An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality.", "id": "CVE-2015-7045", "impact": "A malicious application may be able to masquerade as the Keychain Server.", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Keychain Access", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks.", "id": "CVE-2015-7046", "impact": "A malicious application with root privileges may be able to bypass kernel address space layout randomization", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205641" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages.", "id": "CVE-2015-7047", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7048", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling.", "id": "CVE-2015-7049", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205642" ], "module": "otools", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Luke Li and Jonathan Metzman", "description": "An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing.", "id": "CVE-2015-7050", "impact": "Visiting a maliciously crafted website may reveal a user's browsing history", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "PanguTeam", "description": "A timing issue existed in loading of the trust cache. This issue was addressed by validating the system environment before loading the trust cache.", "id": "CVE-2015-7051", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205640" ], "module": "MobileStorageMounter", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Apple", "description": "A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification.", "id": "CVE-2015-7052", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling.", "id": "CVE-2015-7053", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "j00ru", "description": "An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams.", "id": "CVE-2015-7054", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Compression", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "An access control issue was addressed by preventing modification of access control structures.", "id": "CVE-2015-7055", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205640" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "Stephen Lardieri", "description": "Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file.", "id": "CVE-2015-7056", "impact": "Intentionally untracked files may be uploaded to repositories", "links": [ "https://support.apple.com/en-us/HT205642" ], "module": "IDE SCM", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling.", "id": "CVE-2015-7057", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205642" ], "module": "otools", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks.", "id": "CVE-2015-7058", "impact": "A malicious application may gain access to a user's Keychain items", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "David Keeler of Mozilla", "description": "Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation", "id": "CVE-2015-7059", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tyson Smith of Mozilla", "description": "Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation", "id": "CVE-2015-7060", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan 10.11", "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ryan Sleevi of Google", "description": "Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation", "id": "CVE-2015-7061", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "David Mulder of Dell Software", "description": "An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks.", "id": "CVE-2015-7062", "impact": "A local attacker may be able to install a configuration profile without admin privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Configuration Profiles", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Apple", "description": "A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization.", "id": "CVE-2015-7063", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling.", "id": "CVE-2015-7064", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling.", "id": "CVE-2015-7065", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tongbo Luo and Bo Qu of Palo Alto Networks", "description": "Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling.", "id": "CVE-2015-7066", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Juwei Lin of TrendMicro", "description": "A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts.", "id": "CVE-2015-7067", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "IOThunderboltFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation.", "id": "CVE-2015-7068", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "IOKit SCSI", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Luca Todesco (@qwertyoruiop)", "description": "Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization.", "id": "CVE-2015-7069", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635" ], "module": "GPUTools Framework", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Luca Todesco (@qwertyoruiop)", "description": "Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization.", "id": "CVE-2015-7070", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635" ], "module": "GPUTools Framework", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Apple", "description": "A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization.", "id": "CVE-2015-7071", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A segment validation issue existed in dyld. This was addressed through improved environment sanitization.", "id": "CVE-2015-7072", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Benoit Foucher of ZeroC, Inc.", "description": "A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling.", "id": "CVE-2015-7073", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling.", "id": "CVE-2015-7074", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A memory corruption issue existed in the processing of malformed media files. This issue was addressed through improved memory handling.", "id": "CVE-2015-7075", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D", "description": "A null pointer dereference issue was addressed through improved input validation.", "id": "CVE-2015-7076", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling.", "id": "CVE-2015-7077", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management.", "id": "CVE-2015-7078", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "PanguTeam", "description": "Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization.", "id": "CVE-2015-7079", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205640" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Or Safran (www.linkedin.com/profile/view?id=33912591)", "description": "When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking.", "id": "CVE-2015-7080", "impact": "A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen", "links": [ "https://support.apple.com/en-us/HT205635" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)", "description": "An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing.", "id": "CVE-2015-7081", "impact": "Parsing a maliciously crafted iBooks file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 or later" ], "credit": "", "description": "Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4.", "id": "CVE-2015-7082", "impact": "Multiple vulnerabilities existed in Git", "links": [ "https://support.apple.com/en-us/HT205642" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-7083", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.", "id": "CVE-2015-7084", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "xisigr of Tencent's Xuanwu LAB (www.tencent.com)", "description": "An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling.", "id": "CVE-2015-7093", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT205635" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea)", "description": "An input validation issue existed within URL processing. This issue was addressed through improved URL validation.", "id": "CVE-2015-7094", "impact": "An attacker with a privileged network position may be able to bypass HSTS", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637" ], "module": "CFNetwork HTTPProtocol", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7095", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7096", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7097", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7098", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7099", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7100", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7101", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7102", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7103", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.2", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-7104", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205636", "https://support.apple.com/en-us/HT205639", "https://support.apple.com/en-us/HT205640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-7105", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D", "description": "A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling.", "id": "CVE-2015-7106", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling.", "id": "CVE-2015-7107", "impact": "Opening a maliciously crafted iWork file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637" ], "module": "QuickLook", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling.", "id": "CVE-2015-7108", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Juwei Lin of TrendMicro", "description": "A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-7109", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and v10.11.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.", "id": "CVE-2015-7110", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "beist and ABH of BoB", "description": "Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-7111", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling.", "id": "CVE-2015-7112", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640", "https://support.apple.com/en-us/HT205641" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Olivier Goguel of Free Tools Association", "description": "A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling.", "id": "CVE-2015-7113", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205641" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling.", "id": "CVE-2015-7115", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling.", "id": "CVE-2015-7116", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205635", "https://support.apple.com/en-us/HT205637", "https://support.apple.com/en-us/HT205640" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jonathan Zdziarski", "description": "Safari bookmark data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the Safari bookmark data with a key protected by the hardware UID and the user's passcode.", "id": "CVE-2015-7118", "impact": "A local user may be able to read Safari bookmarks on a locked iOS device without a passcode", "links": [ "https://support.apple.com/en-us/HT205212" ], "module": "Safari", "rsr": "", "update": "December 21, 2016" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30.", "id": "CVE-2015-7803", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and v10.11.1" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30.", "id": "CVE-2015-7804", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT205637" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alexandre Helie", "description": "Multiple memory corruption issues existed in DNS data parsing. These issues were addressed through improved bounds checking.", "id": "CVE-2015-7987", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205378" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alexandre Helie", "description": "A null pointer dereference issue was addressed through improved memory handling.", "id": "CVE-2015-7988", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205370", "https://support.apple.com/en-us/HT205375", "https://support.apple.com/en-us/HT205641" ], "module": "mDNSResponder", "rsr": "", "update": "" } ] ================================================ FILE: 2015/README.md ================================================ # Apple CVE 2015 * data source: https://support.apple.com/en-us/HT201222 * [2015.json](2015.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 109 | | 2 | Kernel | 49 | | 3 | iTunes | 41 | | 4 | apache_mod_php | 34 | | 5 | PHP | 21 | | 6 | FontParser | 19 | | 7 | Security | 18 | | 8 | OpenSSL | 17 | | 9 | IOHIDFamily | 16 | | 10 | Intel Graphics Driver | 16 | | 11 | apache | 15 | | 12 | ImageIO | 15 | | 13 | Safari | 14 | | 14 | curl | 10 | | 15 | Bluetooth | 10 | | 16 | ATS | 10 | | 17 | QuickTime | 10 | | 18 | PostgreSQL | 9 | | 19 | IOAcceleratorFamily | 9 | | 20 | QT Media Foundation | 9 | | 21 | CoreGraphics | 8 | | 22 | IDE Xcode Server | 7 | | 23 | EFI | 7 | | 24 | IOGraphics | 7 | | 25 | sudo | 6 | | 26 | subversion | 6 | | 27 | python | 5 | | 28 | libxml2 | 5 | | 29 | OpenSSH | 5 | | 30 | IOKit | 5 | | 31 | BIND | 5 | | 32 | SQLite | 5 | | 33 | dyld | 4 | | 34 | LaunchServices | 4 | | 35 | SceneKit | 4 | | 36 | CFNetwork | 4 | | 37 | Telephony | 4 | | 38 | Admin Framework | 4 | | 39 | CoreText | 4 | | 40 | Install Framework Legacy | 4 | | 41 | IOFireWireFamily | 4 | | 42 | Code Signing | 4 | | 43 | CoreMedia Playback | 4 | | 44 | CFNetwork HTTPProtocol | 4 | | 45 | Audio | 4 | | 46 | OpenGL | 4 | | 47 | libexpat | 3 | | 48 | MobileInstallation | 3 | | 49 | bash | 3 | | 50 | Ruby | 3 | | 51 | zip | 3 | | 52 | ICU | 3 | | 53 | libc | 3 | | 54 | tcpdump | 3 | | 55 | Sandbox | 3 | | 56 | Spotlight | 3 | | 57 | ntp | 3 | | 58 | Lock Screen | 3 | | 59 | Graphics Driver | 3 | | 60 | OpenLDAP | 3 | | 61 | kext tools | 3 | | 62 | Mail | 3 | | 63 | Keynote, Pages, and Numbers | 3 | | 64 | Libc | 3 | | 65 | Disk Images | 3 | | 66 | GasGauge | 3 | | 67 | Graphics Drivers | 3 | | 68 | groff | 2 | | 69 | libarchive | 2 | | 70 | Net-SNMP | 2 | | 71 | AppleFileConduit | 2 | | 72 | Foundation | 2 | | 73 | libnetcore | 2 | | 74 | Springboard | 2 | | 75 | iTunes Store | 2 | | 76 | Git | 2 | | 77 | MobileStorageMounter | 2 | | 78 | Secure Transport | 2 | | 79 | AppleKeyStore | 2 | | 80 | Backup | 2 | | 81 | NetworkExtension | 2 | | 82 | Sandbox Profiles | 2 | | 83 | CoreAnimation | 2 | | 84 | Hypervisor | 2 | | 85 | Security - Code Signing | 2 | | 86 | Swift | 2 | | 87 | Wiki Server | 2 | | 88 | CUPS | 2 | | 89 | WebKit Page Loading | 2 | | 90 | AppleGraphicsControl | 2 | | 91 | DiskImages | 2 | | 92 | ntfs | 2 | | 93 | Application Store | 2 | | 94 | QuickTime 7 | 2 | | 95 | libxpc | 2 | | 96 | tidy | 2 | | 97 | Data Detectors Engine | 2 | | 98 | libpthread | 2 | | 99 | SpringBoard | 2 | | 100 | Dev Tools | 2 | | 101 | Notes | 2 | | 102 | SMB | 2 | | 103 | Siri | 2 | | 104 | File Bookmark | 2 | | 105 | otools | 2 | | 106 | GPUTools Framework | 2 | | 107 | mDNSResponder | 2 | | 108 | perl | 1 | | 109 | procmail | 1 | | 110 | AFP Server | 1 | | 111 | CFNetwork Cache | 1 | | 112 | CPU Software | 1 | | 113 | CommerceKit Framework | 1 | | 114 | Kerberos | 1 | | 115 | mail_cmds | 1 | | 116 | lukemftp | 1 | | 117 | CoreSymbolication | 1 | | 118 | IOUSBFamily | 1 | | 119 | LoginWindow | 1 | | 120 | security_taskgate | 1 | | 121 | SpotlightIndex | 1 | | 122 | UserAccountUpdater | 1 | | 123 | sysmond | 1 | | 124 | ntpd | 1 | | 125 | IOSurface | 1 | | 126 | CoreTelephony | 1 | | 127 | iCloud Keychain | 1 | | 128 | Audio Drivers | 1 | | 129 | CFURL | 1 | | 130 | CFNetwork Session | 1 | | 131 | IOMobileFramebuffer | 1 | | 132 | iWork Viewer | 1 | | 133 | Keyboards | 1 | | 134 | Podcasts | 1 | | 135 | UIKit View | 1 | | 136 | UniformTypeIdentifiers | 1 | | 137 | Open Directory Client | 1 | | 138 | Screen Sharing | 1 | | 139 | Firewall | 1 | | 140 | WebKit Storage | 1 | | 141 | WebKit PDF | 1 | | 142 | afpserver | 1 | | 143 | AppleFSCompression | 1 | | 144 | AppleThunderboltEDMService | 1 | | 145 | CFNetwork HTTPAuthentication | 1 | | 146 | Display Drivers | 1 | | 147 | System Stats | 1 | | 148 | TrueTypeScaler | 1 | | 149 | Wi-Fi Connectivity | 1 | | 150 | Web | 1 | | 151 | Certificate UI | 1 | | 152 | Date & Time pref pane | 1 | | 153 | UIKit WebView | 1 | | 154 | Location Framework | 1 | | 155 | Text Formats | 1 | | 156 | Notification Center OSX | 1 | | 157 | udf | 1 | | 158 | SMBClient | 1 | | 159 | Dictionary Application | 1 | | 160 | bootp | 1 | | 161 | Quick Look | 1 | | 162 | CloudKit | 1 | | 163 | CFPreferences | 1 | | 164 | Speech UI | 1 | | 165 | Apple ID OD Plug-in | 1 | | 166 | coreTLS | 1 | | 167 | Sandbox_profiles | 1 | | 168 | Air Traffic | 1 | | 169 | MSVDX Driver | 1 | | 170 | Quartz Composer Framework | 1 | | 171 | QL Office | 1 | | 172 | Libinfo | 1 | | 173 | Safari Extensions | 1 | | 174 | CFNetwork SSL | 1 | | 175 | WebKit CSS | 1 | | 176 | WebKit JavaScript Bindings | 1 | | 177 | WebKit Plug-ins | 1 | | 178 | Login Window | 1 | | 179 | Apple Online Store Kit | 1 | | 180 | PluginKit | 1 | | 181 | removefile | 1 | | 182 | CFNetwork Proxies | 1 | | 183 | IOMobileFrameBuffer | 1 | | 184 | AppleEvents | 1 | | 185 | Multipeer Connectivity | 1 | | 186 | AirScan | 1 | | 187 | Time Machine | 1 | | 188 | Game Center | 1 | | 189 | IOStorageFamily | 1 | | 190 | IOAudioFamily | 1 | | 191 | Terminal | 1 | | 192 | CFNetwork Cookies | 1 | | 193 | remote_cmds | 1 | | 194 | Address Book | 1 | | 195 | Finder | 1 | | 196 | CFNetwork FTPProtocol | 1 | | 197 | Heimdal | 1 | | 198 | Apple Pay | 1 | | 199 | lukemftpd | 1 | | 200 | Accelerate Framework | 1 | | 201 | SecurityAgent | 1 | | 202 | Directory Utility | 1 | | 203 | Grand Central Dispatch | 1 | | 204 | Notification Center | 1 | | 205 | AppSandbox | 1 | | 206 | Bom | 1 | | 207 | Script Editor | 1 | | 208 | configd | 1 | | 209 | MCX Application Restrictions | 1 | | 210 | Web Service | 1 | | 211 | Pages | 1 | | 212 | Photos | 1 | | 213 | System Integrity Protection | 1 | | 214 | Keychain Access | 1 | | 215 | Compression | 1 | | 216 | AppleMobileFileIntegrity | 1 | | 217 | IDE SCM | 1 | | 218 | Configuration Profiles | 1 | | 219 | IOThunderboltFamily | 1 | | 220 | IOKit SCSI | 1 | | 221 | iBooks | 1 | | 222 | QuickLook | 1 | ================================================ FILE: 2016/2016.json ================================================ [ { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4" ], "credit": "Alexios Fakos of n.runs AG", "description": "An issue existed where the text of a dialog included page-supplied text. This issue was addressed by no longer including that text.", "id": "CVE-2009-2197", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT206171" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Felix Groebert of Google", "description": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.", "id": "CVE-2012-6685", "impact": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36.", "id": "CVE-2013-7456", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Felix Groebert of Google", "description": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.", "id": "CVE-2014-0191", "impact": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Felix Groebert of Google", "description": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.", "id": "CVE-2014-3660", "impact": "Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "", "description": "Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20.", "id": "CVE-2014-9495", "impact": "Processing a maliciously crafted .png file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Python", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "an anonymous researcher", "description": "An integer overflow existed in bspatch. This issue was addressed through improved bounds checking.", "id": "CVE-2014-9862", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "bsdiff", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "", "description": "Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20.", "id": "CVE-2015-0973", "impact": "Processing a maliciously crafted .png file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Python", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-1819", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "C. Michael Pilato, CollabNet", "description": "Multiple vulnerabilities existed in subversion versions prior to 1.7.21, the most serious of which may have led to remote code execution. These were addressed by updating subversion to version 1.7.22.", "id": "CVE-2015-3184", "impact": "A malicious server may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206172" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "C. Michael Pilato, CollabNet", "description": "Multiple vulnerabilities existed in subversion versions prior to 1.7.21, the most serious of which may have led to remote code execution. These were addressed by updating subversion to version 1.7.22.", "id": "CVE-2015-3187", "impact": "A malicious server may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206172" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2015-3193", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2015-3194", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "", "description": "A memory leak existed in OpenSSL versions prior to 0.9.8zh. This issue was addressed by updating OpenSSL to version 0.9.8zh.", "id": "CVE-2015-3195", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3730", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3731", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3732", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3733", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3734", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3735", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3736", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3737", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3738", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3739", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3740", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3741", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3742", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3743", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3744", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3745", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3746", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3747", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3748", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.", "id": "CVE-2015-3749", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "An issue existed where Content Security Policy report requests would not honor HTTP Strict Transport Security (HSTS). The issue was addressed by applying HSTS to CSP.", "id": "CVE-2015-3750", "impact": "Maliciously crafted web content may trigger plaintext requests to an origin under HTTP Strict Transport Security", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "An issue existed where processing web content with video controls would load images nested in object elements in violation of the website's Content Security Policy directive. This issue was addressed through improved Content Security Policy enforcement.", "id": "CVE-2015-3751", "impact": "Image loading may violate a website's Content Security Policy directive", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Muneaki Nishimura (nishimunea)", "description": "Two issues existed in how cookies were added to Content Security Policy report requests. Cookies were sent in cross-origin report requests in violation of the standard. Cookies set during regular browsing were sent in private browsing. These issues were addressed through improved cookie handling.", "id": "CVE-2015-3752", "impact": "Content Security Policy report requests may leak cookies", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Antonio Sanso and Damien Antipa of Adobe", "description": "Images fetched through URLs that redirected to a data:image resource could have been exfiltrated cross-origin. This issue was addressed through improved canvas taint tracking.", "id": "CVE-2015-3753", "impact": "Maliciously crafted web content may exfiltrate image data cross-origin", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Cererdlong of Alibaba Mobile Security Team", "description": "A symbolic link issue was addressed through improved path validation.", "id": "CVE-2015-3759", "impact": "A local user may be able to modify protected parts of the filesystem", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Location Framework", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Cererdlong of Alibaba Mobile Security Team, @PanguTeam", "description": "An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface.", "id": "CVE-2015-3766", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Ilja van Sprundel", "description": "An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments.", "id": "CVE-2015-3768", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany", "description": "A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling.", "id": "CVE-2015-3776", "impact": "Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)", "description": "Upon connecting to a Wi-Fi network, iOS may have broadcast MAC addresses of previously accessed networks via the DNAv4 protocol. This issue was addressed through disabling DNAv4 on unencrypted Wi-Fi networks.", "id": "CVE-2015-3778", "impact": "A malicious Wi-Fi network may be able to determine networks a device has previously accessed", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "bootp", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Deepkanwal Plaha of University of Toronto", "description": "A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling.", "id": "CVE-2015-3782", "impact": "A malicious application may be able to access the iCloud user record of a previously signed in user", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CloudKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Bruno Morisson of INTEGRITY S.A.", "description": "An external entity reference issue existed in XML parsing. This issue was addressed through improved parsing.", "id": "CVE-2015-3784", "impact": "Parsing maliciously crafted XML may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Office Viewer", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Andreas Weinlein of the Appthority Mobility Threat Team", "description": "An issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.", "id": "CVE-2015-3793", "impact": "A malicious app may be able to read other apps' managed preferences", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CFPreferences", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Mathew Rowley", "description": "A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking.", "id": "CVE-2015-3795", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3796", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3797", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue existed in the TRE library. This issue was addressed through improved memory handling.", "id": "CVE-2015-3798", "impact": "Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Libc", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Frank Graziano of the Yahoo Pentest Team", "description": "A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.", "id": "CVE-2015-3800", "impact": "Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "DiskImages", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "TaiG Jailbreak Team", "description": "A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.", "id": "CVE-2015-3802", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files.", "id": "CVE-2015-3803", "impact": "A specially crafted executable file could allow unsigned, malicious code to execute", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-3804", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "TaiG Jailbreak Team", "description": "A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.", "id": "CVE-2015-3805", "impact": "A local user may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "TaiG Jailbreak Team", "description": "An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation.", "id": "CVE-2015-3806", "impact": "A malicious application may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Code Signing", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Michal Zalewski", "description": "A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling.", "id": "CVE-2015-3807", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "David Drysdale of Google", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-5312", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5" ], "credit": "Qualys", "description": "Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8.", "id": "CVE-2015-5333", "impact": "Multiple vulnerabilities in LibreSSL", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5" ], "credit": "Qualys", "description": "Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8.", "id": "CVE-2015-5334", "impact": "Multiple vulnerabilities in LibreSSL", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Andreas Weinlein of the Appthority Mobility Threat Team", "description": "An issue existed in the third-party app sandbox. This issue was addressed by improving the third-party sandbox profile.", "id": "CVE-2015-5749", "impact": "An malicious app may be able to read other apps' managed preferences", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Sandbox_profiles", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5755", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5756", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Lufeng Li of Qihoo 360", "description": "A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking.", "id": "CVE-2015-5757", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "libpthread", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of .tiff files. This issue was addressed through improved bounds checking.", "id": "CVE-2015-5758", "impact": "Processing a maliciously crafted .tiff file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "John Villamil (@day6reak), Yahoo Pentest Team", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5761", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in parsing of office documents. This issue was addressed through improved memory handling.", "id": "CVE-2015-5773", "impact": "Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "QL Office", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "TaiG Jailbreak Team", "description": "A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling.", "id": "CVE-2015-5774", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2015-5775", "impact": "Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in handling AF_INET6 sockets. This issue was addressed by improved memory handling.", "id": "CVE-2015-5776", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in CoreMedia Playback. This issue was addressed through improved memory handling.", "id": "CVE-2015-5777", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Apple", "description": "A memory corruption issue existed in CoreMedia Playback. This issue was addressed through improved memory handling.", "id": "CVE-2015-5778", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Michal Zalewski", "description": "An uninitialized memory access issue existed in ImageIO's handling of PNG images. This issue was addressed through improved memory initialization and additional validation of PNG images.", "id": "CVE-2015-5781", "impact": "Parsing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Michal Zalewski", "description": "An uninitialized memory access issue existed in ImageIO's handling of TIFF images. This issue is addressed through improved memory initialization and additional validation of TIFF images.", "id": "CVE-2015-5782", "impact": "Parsing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT205795" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2015-6764", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n; AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Alexandre Helie", "description": "A memory corruption issue existed in DNS data parsing. This issue was addressed through improved bounds checking.", "id": "CVE-2015-7029", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206849" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7085", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7086", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7087", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7088", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7089", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7090", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Pedro Ribeiro (pedrib@gmail.com) of Agile Information Security", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7091", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Jaanus Kp Clarified Security working with HP's Zero Day Initiative", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7092", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Windows 7 and Windows Vista" ], "credit": "Ryan Pentney and Richard Johnson of Cisco Talos", "description": "Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.", "id": "CVE-2015-7117", "impact": "Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205638" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-7499", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kostya Serebryany of Google", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-7500", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "", "description": "An unsafe tainted string usage vulnerability existed in versions prior to 2.0.0-p648. This issue was addressed by updating to version 2.0.0-p648.", "id": "CVE-2015-7551", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kostya Serebryany of Google", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-7942", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)", "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "puzzor", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2015-7995", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT205795", "https://support.apple.com/en-us/HT206168" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2015-8027", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "gustavo.grieco", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-8035", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 to v10.11.3" ], "credit": "Adam Mari\u0161", "description": "Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20.", "id": "CVE-2015-8126", "impact": "Processing a maliciously crafted .png file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Hugh Davenport", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-8242", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Hanno Boeck", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2015-8317", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "Adam Mari\u0161", "description": "Multiple vulnerabilities existed in libpng versions prior to 1.6.20. These were addressed by updating libpng to version 1.6.20.", "id": "CVE-2015-8472", "impact": "Processing a maliciously crafted .png file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in nghttp2 versions prior to 1.6.0, the most serious of which may have led to remote code execution. These were addressed by updating nghttp2 to version 1.6.0.", "id": "CVE-2015-8659", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "HTTPProtocol", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2015-8865", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-0702", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-0705", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Gustavo Grieco", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-0718", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Isaac Boukris", "description": "Multiple security issues existed in curl prior to version 7.49.1. These issues were addressed by updating curl to version 7.49.1.", "id": "CVE-2016-0755", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "Qualys", "description": "Roaming, which was on by default in the OpenSSH client, exposed an information leak and a buffer overflow. These issues were addressed by disabling roaming in the client.", "id": "CVE-2016-0777", "impact": "Connecting to a server may leak sensitive user information, such as a client's private keys", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "Qualys", "description": "Roaming, which was on by default in the OpenSSH client, exposed an information leak and a buffer overflow. These issues were addressed by disabling roaming in the client.", "id": "CVE-2016-0778", "impact": "Connecting to a server may leak sensitive user information, such as a client's private keys", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-0797", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "A frame validation and memory corruption issue existed for a given ethertype. This issue was addressed through additional ethertype validation and improved memory handling.", "id": "CVE-2016-0801", "impact": "An attacker with a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "A frame validation and memory corruption issue existed for a given ethertype. This issue was addressed through additional ethertype validation and improved memory handling.", "id": "CVE-2016-0802", "impact": "An attacker with a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-1669", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nicolas Gr\u00e9goire", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1683", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nicolas Gr\u00e9goire", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1684", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "OS X El Capitan v10.11 to v10.11.2" ], "credit": "moony li of Trend Micro and Liang Chen and Sen Nie of KeenLab, Tencent", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1716", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205731" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Frank Graziano of Yahoo! Pentest Team", "description": "A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.", "id": "CVE-2016-1717", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.0 to v10.11.2" ], "credit": "Juwei Lin Trend Micro working with HP's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1718", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205731" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1719", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1720", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero and Ju Zhu of Trend Micro", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1721", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.2", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Joshua J. Drake and Nikias Bassen of Zimperium zLabs", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1722", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205731", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "syslog", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1723", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1724", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1725", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1726", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1727", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT205729", "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732", "https://support.apple.com/en-us/HT206168" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher coordinated via Joe Vennix", "description": "A privacy issue existed in the handling of the \"a:visited button\" CSS selector when evaluating the containing element's height. This was addressed through improved validation.", "id": "CVE-2016-1728", "impact": "Websites may know if the user has visited a given link", "links": [ "https://support.apple.com/en-us/HT205730", "https://support.apple.com/en-us/HT205732" ], "module": "WebKit CSS", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.2" ], "credit": "an anonymous researcher", "description": "An issue existed when searching for scripting libraries. This issue was addressed through improved search order and quarantine checks.", "id": "CVE-2016-1729", "impact": "A quarantined application may be able to override OSA script libraries installed by the user", "links": [ "https://support.apple.com/en-us/HT205731" ], "module": "OSA Scripts", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Adi Sharabani and Yair Amit of Skycure", "description": "An issue existed that allowed some captive portals to read or write cookies. The issue was addressed through an isolated cookie store for all captive portals.", "id": "CVE-2016-1730", "impact": "A malicious captive portal may be able to access the user's cookies", "links": [ "https://support.apple.com/en-us/HT205732" ], "module": "WebSheet", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "", "description": "The contents of the updates window were retrieved from the network using an unprotected HTTP connection. This issue was addressed by using an encrypted HTTPS connection to retrieve the contents.", "id": "CVE-2016-1731", "impact": "An attacker in a privileged network position may be able to control the contents of the updates window", "links": [ "https://support.apple.com/en-us/HT206091" ], "module": "Apple Software Update", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.", "id": "CVE-2016-1732", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "AppleRAID", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-1733", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "AppleRAID", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Andrea Barisani and Andrej Rosano of Inverse Path", "description": "An error handling issue existed in packet validation. This issue was addressed through improved error handling.", "id": "CVE-2016-1734", "impact": "A USB device may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167" ], "module": "AppleUSBNetworking", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Jeonghoon Shin@A.D.D", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1735", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "beist and ABH of BoB", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1736", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "HappilyCoded (ant4g0nist &r3dsm0k3)", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2016-1737", "impact": "Processing a maliciously crafted .dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Carbon", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "beist and ABH of BoB", "description": "A code signing verification issue existed in dyld. This issue was addressed with improved validation.", "id": "CVE-2016-1738", "impact": "An attacker may tamper with code-signed applications to execute arbitrary code in the application's context", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "HappilyCoded (ant4g0nist and r3dsm0k3) working with Trend Micro's Zero Day Initiative (ZDI)", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1740", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1741", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Stefan Kanthak and YoKo Kho (yokoacc) of MII - Consulting & Advisory Svc. Dept.", "description": "A dynamic library loading issue existed in iTunes setup. This was addressed through improved path searching.", "id": "CVE-2016-1742", "impact": "Running the iTunes installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206379" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Piotr Bania of Cisco Talos", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1743", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1744", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "sweetchip of Grayhash", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1745", "impact": "A local user may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Peter Pi of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-1746", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-1747", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1748", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Ian Beer of Google Project Zero and Juwei Lin of Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1749", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "IOUSBFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-1750", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Eric Monti of Square Mobile Security", "description": "A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed through improved permission validation.", "id": "CVE-2016-1751", "impact": "An application may be able to bypass code signing", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "A denial of service issue was addressed through improved validation.", "id": "CVE-2016-1752", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Juwei Lin Trend Micro working with Trend Micro's Zero Day Initiative (ZDI)", "description": "Multiple integer overflows were addressed through improved input validation.", "id": "CVE-2016-1753", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1754", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1755", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-1756", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero and Pedro Vila\u00e7a", "description": "A race condition existed during the creation of new processes. This was addressed through improved state handling.", "id": "CVE-2016-1757", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.", "id": "CVE-2016-1758", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3" ], "credit": "lokihardt", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1759", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "An event handler validation issue existed in the XPC Services API. This issue was addressed through improved message validation.", "id": "CVE-2016-1760", "impact": "An application may be able to modify events from other applications", "links": [ "https://support.apple.com/en-us/HT206166" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "wol0xff working with Trend Micro's Zero Day Initiative (ZDI)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1761", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1762", "impact": "Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CityTog", "description": "An issue existed in the parsing of SMS URLs. This issue was addressed through improved URL validation.", "id": "CVE-2016-1763", "impact": "Visiting a maliciously crafted website may auto-fill text into other Message threads", "links": [ "https://support.apple.com/en-us/HT206166" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Matthew Bryant of the Uber Security Team (formerly of Bishop Fox), Joe DeMesy and Shubham Shah of Bishop Fox", "description": "An issue existed in the processing of JavaScript links. This issue was addressed through improved content security policy checks.", "id": "CVE-2016-1764", "impact": "Clicking a JavaScript link can reveal sensitive user information", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Proteas of Qihoo 360 Nirvan Team and Will Estes (@squiffy)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1765", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206172" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Taylor Boyko working with Trend Micro's Zero Day Initiative (ZDI)", "description": "A certificate validation issue existed in MDM profiles. This was addressed through additional checks.", "id": "CVE-2016-1766", "impact": "An untrusted MDM profile may be incorrectly displayed as verified", "links": [ "https://support.apple.com/en-us/HT206166" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Francis Provencher from COSIG", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1767", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Francis Provencher from COSIG", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1768", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Francis Provencher from COSIG", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1769", "impact": "Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Guillaume Ross of Rapid7 and Laurent Chouinard of Laurent.ca", "description": "A user was not prompted before invoking a call. This was addressed through improved entitlement checks.", "id": "CVE-2016-1770", "impact": "Clicking a tel link can make a call without prompting the user", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Reminders", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4" ], "credit": "Russ Cox", "description": "An insufficient input validation issue existed in the handling of certain files. This was addressed through additional checks during file expansion.", "id": "CVE-2016-1771", "impact": "Visiting a maliciously crafted webpage may lead to a system denial of service", "links": [ "https://support.apple.com/en-us/HT206171" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4" ], "credit": "WoofWagly", "description": "A cookie storage issue existed in the Top Sites page. This issue was addressed through improved state management.", "id": "CVE-2016-1772", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT206171" ], "module": "Safari Top Sites", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 to v10.11.3" ], "credit": "Mark Mentovai of Google Inc.", "description": "A permissions issue existed in code signing tools. This was addressed though additional ownership checks.", "id": "CVE-2016-1773", "impact": "A local user may be able to check for the existence of arbitrary files", "links": [ "https://support.apple.com/en-us/HT206167" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.4" ], "credit": "CJKApps", "description": "An issue in Time Machine server did not properly warn administrators if permissions were ignored when performing a server backup. This issue was addressed through improved warnings.", "id": "CVE-2016-1774", "impact": "An administrator may unknowingly store backups on a volume without permissions enabled", "links": [ "https://support.apple.com/en-us/HT206173" ], "module": "Server App", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "0x1byte working with Trend Micro's Zero Day Initiative (ZDI)", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.", "id": "CVE-2016-1775", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "TrueTypeScaler", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.4" ], "credit": "Shawn Pullum of University of California, Irvine", "description": "A file access issue existed in Apache with .DS_Store and .htaccess files. This issue was addressed through improved access restrictions.", "id": "CVE-2016-1776", "impact": "A remote user may be able to view sensitive configuration information", "links": [ "https://support.apple.com/en-us/HT206173" ], "module": "Web Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.4", "macOS Sierra 10.12.1" ], "credit": "Pepi Zawodsky", "description": "RC4 was removed as a default cipher.", "id": "CVE-2016-1777", "impact": "An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm", "links": [ "https://support.apple.com/en-us/HT206173", "https://support.apple.com/en-us/HT207423" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "0x1byte working with Trend Micro's Zero Day Initiative (ZDI) and Yang Zhao of CM Security", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1778", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (www.tencent.com)", "description": "An issue existed in the parsing of geolocation requests. This was addressed through improved validation of the security origin for geolocation requests.", "id": "CVE-2016-1779", "impact": "Visiting a maliciously crafted website may reveal a user's current location", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Maryam Mehrnezhad, Ehsan Toreini, Siamak F. Shahandashti, and Feng Hao of the School of Computing Science, Newcastle University, UK", "description": "A hidden web page may be able to access device-orientation and device-motion data. This issue was addressed by suspending the availability of this data when the web view is hidden.", "id": "CVE-2016-1780", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT206166" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Devdatta Akhawe of Dropbox, Inc.", "description": "An issue existed in the handling of attachment URLs. This issue was addressed through improved URL handling.", "id": "CVE-2016-1781", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Muneaki Nishimura (nishimunea) of Recruit Technologies Co.,Ltd.", "description": "A port redirection issue was addressed through additional port validation.", "id": "CVE-2016-1782", "impact": "A malicious website may be able to access restricted ports on arbitrary servers", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mihai Parparita of Google", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1783", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206169", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Moony Li and Jack Tang of TrendMicro and \u674e\u666e\u541b of \u65e0\u58f0\u4fe1\u606f\u6280\u672fPKAV Team (PKAV.net)", "description": "A resource exhaustion issue was addressed through improved input validation.", "id": "CVE-2016-1784", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206169", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit History", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "A caching issue existed with character encoding. This was addressed through additional request checking.", "id": "CVE-2016-1785", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "ma.la of LINE Corporation", "description": "Redirect responses may have allowed a malicious website to display an arbitrary URL and read cached contents of the destination origin. This issue was addressed through improved URL display logic.", "id": "CVE-2016-1786", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.4" ], "credit": "an anonymous researcher", "description": "An access issue existed in some Wiki pages. This issue was addressed through improved access restrictions.", "id": "CVE-2016-1787", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206173" ], "module": "Wiki Server", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Christina Garman, Matthew Green, Gabriel Kaptchuk, Ian Miers, and Michael Rushanan of Johns Hopkins University", "description": "A cryptographic issue was addressed by rejecting duplicate messages on the client.", "id": "CVE-2016-1788", "impact": "An attacker who is able to bypass Apple's certificate pinning, intercept TLS connections, inject messages, and record encrypted attachment-type messages may be able to read attachments", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10 or later" ], "credit": "Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)", "description": "An XML external entity reference issue existed with iBook Author parsing. This issue was addressed through improved parsing.", "id": "CVE-2016-1789", "impact": "Parsing a maliciously crafted iBooks Author file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT206224" ], "module": "iBooks Author", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Rapelly Akhil", "description": "An out-of-bounds read issue was addressed through improved input validation.", "id": "CVE-2016-1790", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206568" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later" ], "credit": "daybreaker of Minionz", "description": "An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.", "id": "CVE-2016-1791", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "beist and ABH of BoB", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1792", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1793", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1794", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1795", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "lokihardt working with Trend Micro's Zero Day Initiative", "description": "An out of bounds memory access issue was addressed through improved memory handling.", "id": "CVE-2016-1796", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "lokihardt working with Trend Micro's Zero Day Initiative", "description": "An issue existed in the sandbox policy. This was addressed by sandboxing FontValidator.", "id": "CVE-2016-1797", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin of TrendMicro", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1798", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin of TrendMicro", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-1799", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later" ], "credit": "Apple", "description": "A custom URL scheme handling issue was addressed through improved input validation.", "id": "CVE-2016-1800", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Captive Network Assistant", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Alex Chapman and Paul Stone of Context Information Security", "description": "An information leak existed in the handling of HTTP and HTTPS requests. This issue was addressed through improved URL handling.", "id": "CVE-2016-1801", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Klaus Rodewig", "description": "An issue existed in the handling of return values in CCCrypt. This issue was addressed through improved key length management.", "id": "CVE-2016-1802", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "CommonCrypto", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero, daybreaker working with Trend Micro\u2019s Zero Day Initiative", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1803", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "CoreCapture", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Liang Chen, Yubin Fu, Marco Grassi of KeenLab, Tencent of Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1804", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Stefan Esser", "description": "A configuration issue was addressed through additional restrictions.", "id": "CVE-2016-1805", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "CoreStorage", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "lokihardt working with Trend Micro's Zero Day Initiative", "description": "A configuration issue was addressed through additional restrictions.", "id": "CVE-2016-1806", "impact": "An application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed through improved locking.", "id": "CVE-2016-1807", "impact": "A local attacker may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro", "description": "A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.", "id": "CVE-2016-1808", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ast A. Moore (@astamoore) and David Foster of TechSmartKids", "description": "Incorrect keys were being used to encrypt disk images. This issue was addressed by updating the encryption keys.", "id": "CVE-2016-1809", "impact": "Disk Utility failed to compress and encrypt disk images", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Disk Utility", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1810", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Lander Brandt (@landaire)", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1811", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin of TrendMicro", "description": "A buffer overflow was addressed through improved bounds checking.", "id": "CVE-2016-1812", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1813", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Juwei Lin of TrendMicro", "description": "A null pointer dereference was addressed through improved locking.", "id": "CVE-2016-1814", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Liang Chen, Qidan He of KeenLab, Tencent working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1815", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 13, 2016" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Peter Pi (@heisecode) of Trend Micro and Juwei Lin of Trend Micro", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1816", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1817", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 13, 2016" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Juwei Lin of TrendMicro, sweetchip@GRAYHASH working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1818", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 13, 2016" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1819", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 13, 2016" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Moony Li (@Flyic) and Jack Tang (@jacktang310) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2016-1820", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOAudioFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-1821", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOAudioFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "CESG", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1822", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1823", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1824", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Brandon Azad", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1825", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ben Murphy working with Trend Micro\u2019s Zero Day Initiative", "description": "An integer overflow existed in dtrace. This issue was addressed through improved bounds checking.", "id": "CVE-2016-1826", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1827", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1828", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1829", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1830", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brandon Azad", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1831", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Karl Williamson", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-1832", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mateusz Jurczyk", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1833", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1834", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1835", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1836", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568", "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1837", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mateusz Jurczyk", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1838", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mateusz Jurczyk", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1839", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kostya Serebryany", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1840", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Sebastian Apelt", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1841", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Richard Shupak (https://www.linkedin.com/in/rshupak)", "description": "Shared links were sent with HTTP rather than HTTPS. This was addressed by enabling HTTPS for shared links.", "id": "CVE-2016-1842", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "MapKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Heige (a.k.a. SuperHei) of Knownsec 404 Security Team [http://www.knownsec.com]", "description": "An encoding issue existed in filename parsing. This issue was addressed through improved filename encoding.", "id": "CVE-2016-1843", "impact": "A remote attacker may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Thijs Alkemade of Computest", "description": "A validation issue existed in roster changes. This issue was addressed through improved validation of roster sets.", "id": "CVE-2016-1844", "impact": "A malicious server or user may be able to modify another user's contact list", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1846", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tongbo Luo and Bo Qu of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1847", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206566", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568" ], "module": "OpenGL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Francis Provencher from COSIG", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1848", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "\"Clear History and Website Data\" did not clear the history. The issue was addressed through improved data deletion.", "id": "CVE-2016-1849", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-1850", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "an anonymous researcher", "description": "An issue existed in the management of password profiles. This issue was addressed through improved password reset handling.", "id": "CVE-2016-1851", "impact": "A person with physical access to a computer may be able to reset an expired password from the lock screen", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Screen Lock", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "videosdebarraquito", "description": "A state management issue existed when accessing Siri results on the lock screen. This issue was addressed by disabling data detectors in Twitter results when the device is locked.", "id": "CVE-2016-1852", "impact": "A person with physical access to an iOS device may be able to use Siri to access contacts and photos from the the lock screen", "links": [ "https://support.apple.com/en-us/HT206568" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "researchers at Tel Aviv University, M\u00fcnster University of Applied Sciences, Ruhr University Bochum, the University of Pennsylvania, the Hashcat project, the University of Michigan, Two Sigma, Google, and the OpenSSL project: Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia K\u00e4sper, Shaanan Cohney, Susanne Engels, Christof Paar, and Yuval Shavitt", "description": "A protocol security issue was addressed by disabling SSLv2.", "id": "CVE-2016-1853", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Tcl", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Anonymous working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1854", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tongbo Luo and Bo Qu of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1855", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "lokihardt working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1856", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jeonghoon Shin@A.D.D and Liang Chen, Zhen Feng, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1857", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "an anonymous researcher", "description": "An insufficient taint tracking issue in the parsing of svg images was addressed through improved taint tracking.", "id": "CVE-2016-1858", "impact": "Visiting a malicious website may disclose data from another website", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Liang Chen, wushi of KeenLab, Tencent working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1859", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206565", "https://support.apple.com/en-us/HT206568" ], "module": "WebKit Canvas", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Brandon Azad and Qidan He (@flanker_hqd) from KeenLab, Tencent", "description": "Multiple access issues were addressed through additional restrictions.", "id": "CVE-2016-1860", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1861", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent", "description": "Multiple access issues were addressed through additional restrictions.", "id": "CVE-2016-1862", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-1863", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.4", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Takeshi Terada of Mitsui Bussan Secure Directions, Inc.", "description": "An issue existed in URL redirection when XSS auditor was used in block mode. This issue was addressed through improved URL navigation.", "id": "CVE-2016-1864", "impact": "Opening a maliciously crafted URL may lead to the disclosure of sensitive user information", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206171" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "CESG, Marco Grassi (@marcograss) of KeenLab(@keen_lab), Tencent", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-1865", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 to v10.11.3", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Francis Gabriel of Quarkslab", "description": "A memory corruption issue existed in the ASN.1 decoder. This issue was addressed through improved input validation.", "id": "CVE-2016-1950", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206166", "https://support.apple.com/en-us/HT206167", "https://support.apple.com/en-us/HT206168", "https://support.apple.com/en-us/HT206169" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-2086", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Guido Vranken", "description": "Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8.", "id": "CVE-2016-2105", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Guido Vranken", "description": "Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8.", "id": "CVE-2016-2106", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juraj Somorovsky", "description": "Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8.", "id": "CVE-2016-2107", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Huzaifa Sidhpurwala (Red Hat), Hanno B\u00f6ck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero", "description": "Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7.", "id": "CVE-2016-2108", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "LibreSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Brian Carpenter", "description": "Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7.", "id": "CVE-2016-2109", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "LibreSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Guido Vranken", "description": "Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8.", "id": "CVE-2016-2176", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "", "description": "Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0.", "id": "CVE-2016-2216", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207268" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "A heap-based buffer overflow issue existed in the handling of filenames. This issue was addressed by updating git to version 2.7.4.", "id": "CVE-2016-2315", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206338" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "A heap-based buffer overflow issue existed in the handling of filenames. This issue was addressed by updating git to version 2.7.4.", "id": "CVE-2016-2324", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206338" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-3141", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-3142", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-4070", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-4071", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-4072", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple vulnerabilities existed in PHP versions prior to 5.5.34. These were addressed by updating PHP to version 5.5.34.", "id": "CVE-2016-4073", "impact": "Multiple vulnerabilities in PHP", "links": [ "https://support.apple.com/en-us/HT206567" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4447", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4448", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Kostya Serebryany", "description": "An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation.", "id": "CVE-2016-4449", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Gustavo Grieco", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4483", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Shrek_wzw and Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4582", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Roeland Krak", "description": "A timing issue existed in the processing of SVG. This issue was addressed through improved validation.", "id": "CVE-2016-4583", "impact": "Visiting a malicious website may disclose image data from another website", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Chris Vienneau", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4584", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Takeshi Terada of Mitsui Bussan Secure Directions, Inc. (www.mbsd.jp)", "description": "A cross-site scripting issue existed in Safari URL redirection. This issue was addressed through improved URL validation on redirection.", "id": "CVE-2016-4585", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4586", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A memory initialization issue was addressed through improved memory handling.", "id": "CVE-2016-4587", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4588", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tongbo Luo and Bo Qu of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4589", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (www.tencent.com)", "description": "An origin inheritance issue existed in parsing of about: URLs. This was addressed through improved validation of security origins.", "id": "CVE-2016-4590", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "ma.la of LINE Corporation", "description": "A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.", "id": "CVE-2016-4591", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Mikhail", "description": "A memory consumption issue was addressed through improved memory handling.", "id": "CVE-2016-4592", "impact": "Visiting a maliciously crafted webpage may lead to a system denial of service", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Pedro Pinheiro (facebook.com/pedro.pinheiro.1996)", "description": "A privacy issue existed in the handling of Contact cards. This was addressed through improved state management.", "id": "CVE-2016-4593", "impact": "A person with physical access to a device may be able to see private contact information", "links": [ "https://support.apple.com/en-us/HT206902" ], "module": "Siri Contacts", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser of SektionEins", "description": "An access issue existed with privileged API calls. This issue was addressed through additional restrictions.", "id": "CVE-2016-4594", "impact": "A local application may be able to access the process list", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Jonathan Lewis from DeARX Services (PTY) LTD", "description": "An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields.", "id": "CVE-2016-4595", "impact": "A user's password may be visible on screen", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Safari Login AutoFill", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4596", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4597", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4598", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4599", "impact": "Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4600", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4601", "impact": "Processing a maliciously crafted SGI file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4602", "impact": "Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Brian Porter (@portex33)", "description": "A privacy issue existed in the handling of user data by Safari View Controller. This issue was addressed through improved state management.", "id": "CVE-2016-4603", "impact": "Viewing a video in Safari's Private Browsing mode displays the URL of the video outside of Private Browsing mode", "links": [ "https://support.apple.com/en-us/HT206902" ], "module": "Web Media", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (www.tencent.com)", "description": "Redirect responses to invalid ports may have allowed a malicious website to display an arbitrary domain while displaying arbitrary content. This issue was addressed through improved URL display logic.", "id": "CVE-2016-4604", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT206902" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Henry Feldman MD at Beth Israel Deaconess Medical Center", "description": "A null pointer dereference was addressed through improved memory handling.", "id": "CVE-2016-4605", "impact": "A maliciously crafted calendar invite may cause a device to unexpectedly restart", "links": [ "https://support.apple.com/en-us/HT206902" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4607", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nicolas Gr\u00e9goire", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4608", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4609", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4610", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxslt", "rsr": "", "update": "April 11, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4611", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later" ], "credit": "Chris Palmer", "description": "An input validation issue was addressed through improved state management.", "id": "CVE-2016-4613", "impact": "Processing maliciously crafted web content may result in the disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207272", "https://support.apple.com/en-us/HT207273", "https://support.apple.com/en-us/HT207274" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4614", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4615", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "Windows 7 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Michael Paddon", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4616", "impact": "Multiple vulnerabilities in libxml2", "links": [ "https://support.apple.com/en-us/HT206899", "https://support.apple.com/en-us/HT206901", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "libxml2", "rsr": "", "update": "June 4, 2017" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Gregor Kopf of Recurity Labs on behalf of BSI (German Federal Office for Information Security)", "description": "Multiple weaknesses existed with spawning new processes using launchctl. These issues were addressed through improved policy enforcement.", "id": "CVE-2016-4617", "impact": "An application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "libxpc", "rsr": "", "update": "October 24, 2016" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Erling Ellingsen", "description": "Multiple validation issues were addressed through improved input sanitization.", "id": "CVE-2016-4618", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "Safari Reader", "rsr": "", "update": "September 23, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)", "description": "An access control issue existed in SMS draft directories. This issue was addressed by preventing apps from stat'ing the affected directories.", "id": "CVE-2016-4620", "impact": "A malicious application may be able to determine whom a user is texting", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4621", "impact": "An application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "libc++abi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Samuel Gross working with Trend Micro's Zero Day", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4622", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4623", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4624", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Ian Beer of Google Project Zero", "description": "A use-after-free was addressed through improved memory management.", "id": "CVE-2016-4625", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Stefan Esser of SektionEins", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-4626", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ju Zhu of Trend Micro", "description": "A null pointer dereference was addressed through improved validation.", "id": "CVE-2016-4627", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ju Zhu of Trend Micro", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2016-4628", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206904" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later" ], "credit": "Tyler Bohan of Cisco Talos (talosintel.com/vulnerability-reports)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4629", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later" ], "credit": "Tyler Bohan of Cisco Talos (talosintel.com/vulnerability-reports)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4630", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tyler Bohan of Cisco Talos (talosintel.com/vulnerability-reports)", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4631", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Evgeny Sidorov of Yandex", "description": "A memory consumption issue was addressed through improved memory handling.", "id": "CVE-2016-4632", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4633", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Stefan Esser of SektionEins", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4634", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Martin Vigo", "description": "User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic.", "id": "CVE-2016-4635", "impact": "An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Tyler Bohan of Cisco Talos (talosintel.com/vulnerability-reports)", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4637", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Yubin Fu of Tencent KeenLab working with TrendMicro's Zero Day Initiative", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-4638", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative", "description": "A memory initialization issue was addressed through improved memory handling.", "id": "CVE-2016-4639", "impact": "A local user may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "an anonymous researcher working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4640", "impact": "A malicious application may be able to execute arbitrary code leading to compromise of user information", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Login Window", "rsr": "", "update": "November 16, 2016" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-4641", "impact": "A malicious application may be able to execute arbitrary code leading to the compromise of user information", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jerry Decime coordinated via CERT", "description": "Proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.", "id": "CVE-2016-4642", "impact": "An application may unknowingly send a password unencrypted over the network", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206905" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Xiaofeng Zheng of Blue Lotus Team, Tsinghua University; Jerry Decime coordinated via CERT", "description": "A validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.", "id": "CVE-2016-4643", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206905" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Jerry Decime coordinated via CERT", "description": "A downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials.", "id": "CVE-2016-4644", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206905" ], "module": "CFNetwork Credentials", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Abhinav Bansal of Zscaler Inc.", "description": "A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions.", "id": "CVE-2016-4645", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2016-4646", "impact": "Parsing a maliciously crafted audio file may lead to the disclosure of user information", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin(@fuzzerDOTcn) of Trend Micro", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4647", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin(@fuzzerDOTcn) of Trend Micro; Jack Tang and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed through improved input validation.", "id": "CVE-2016-4648", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Juwei Lin(@fuzzerDOTcn) of Trend Micro", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-4649", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Peter Pi of Trend Micro working with HP's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4650", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206564", "https://support.apple.com/en-us/HT206567", "https://support.apple.com/en-us/HT206568", "https://support.apple.com/en-us/HT206904" ], "module": "IOHIDFamily", "rsr": "", "update": "July 29, 2016" }, { "available": [ "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Obscure", "description": "A cross-protocol cross-site scripting (XPXSS) issue existed in Safari when submitting forms to non-HTTP services compatible with HTTP/0.9. This issue was addressed by disabling scripts and plugins on resources loaded over HTTP/0.9.", "id": "CVE-2016-4651", "impact": "Visiting a maliciously crafted website may lead to script execution in the context of a non-HTTP service", "links": [ "https://support.apple.com/en-us/HT206900", "https://support.apple.com/en-us/HT206902" ], "module": "WebKit JavaScript Bindings", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later" ], "credit": "Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.", "id": "CVE-2016-4652", "impact": "A local user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Ju Zhu of Trend Micro", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4653", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later" ], "credit": "Team Pangu", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4654", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207026" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6", "iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Citizen Lab and Lookout", "description": "A validation issue was addressed through improved input sanitization.", "id": "CVE-2016-4655", "impact": "An application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT207107", "https://support.apple.com/en-us/HT207130", "https://support.apple.com/en-us/HT207145" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6", "iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later" ], "credit": "Citizen Lab and Lookout", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4656", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207107", "https://support.apple.com/en-us/HT207130" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5", "iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later" ], "credit": "Citizen Lab and Lookout", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4657", "impact": "Visiting a maliciously crafted website may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207107", "https://support.apple.com/en-us/HT207131" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4658", "impact": "Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2016-4660", "impact": "Parsing a maliciously crafted font may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "Recurity Labs on behalf of BSI (German Federal Office for Information Security)", "description": "An issue existed in the parsing of disk images. This issue was addressed through improved validation.", "id": "CVE-2016-4661", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "ntfs", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved lock state checking.", "id": "CVE-2016-4662", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4663", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)", "description": "An access issue was addressed through additional sandbox restrictions on third party applications.", "id": "CVE-2016-4664", "impact": "An application may be able to retrieve metadata of photo directories", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)", "description": "An access issue was addressed through additional sandbox restrictions on third party applications.", "id": "CVE-2016-4665", "impact": "An application may be able to retrieve metadata of audio recording directories", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4666", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207272" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "Simon Huang of alipay, Thelongestusernameofall@gmail.com, Moony Li of TrendMicro, @Flyic", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4667", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "ATS", "rsr": "", "update": "October 27, 2016" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation.", "id": "CVE-2016-4669", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "Kernel", "rsr": "", "update": "November 2, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Daniel Jalkut of Red Sweater Software", "description": "A logging issue existed in the handling of passwords. This issue was addressed by removing password length logging.", "id": "CVE-2016-4670", "impact": "A local attacker can observe the length of a login password when a user logs in", "links": [ "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "Security", "rsr": "", "update": "October 25, 2016" }, { "available": [ "OS X El Capitan v10.11.6" ], "credit": "Ke Liu of Tencent's Xuanwu Lab, Juwei Lin (@fuzzerDOTcn)", "description": "An out-of-bounds write was addressed through improved bounds checking.", "id": "CVE-2016-4671", "impact": "Parsing a maliciously crafted PDF may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4673", "impact": "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "Shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4674", "impact": "A local user may be able to execute arbitrary code with additional privileges", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Ian Beer of Google Project Zero", "description": "A logic issue was addressed through additional restrictions.", "id": "CVE-2016-4675", "impact": "An application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "An anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4677", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207272" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A null pointer dereference was addressed through improved locking.", "id": "CVE-2016-4678", "impact": "A local user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "AppleSMC", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Omer Medan of enSilo Ltd", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.", "id": "CVE-2016-4679", "impact": "A malicious archive may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Max Bazaliy of Lookout and in7egral", "description": "A validation issue was addressed through improved input sanitization.", "id": "CVE-2016-4680", "impact": "An application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.6" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4681", "impact": "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "Core Image", "rsr": "", "update": "October 25, 2016" }, { "available": [ "OS X Lion v10.7.5 and later", "OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6" ], "credit": "Ke Liu of Tencent's Xuanwu Lab", "description": "An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.", "id": "CVE-2016-4682", "impact": "Processing a maliciously crafted image may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207170", "https://support.apple.com/en-us/HT207275" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.6" ], "credit": "Ke Liu of Tencent\u2019s Xuanwu Lab", "description": "Multiple out-of-bounds read and write issues exited in SGI parsing. These issues was addressed through improved input validation.", "id": "CVE-2016-4683", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "ImageIO", "rsr": "", "update": "October 25, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Elcomsoft", "description": "A password hashing weakness existed in the handling of encrypted iTunes backups. This issue was addressed by removing the weak hash.", "id": "CVE-2016-4685", "impact": "An attacker with access to an encrypted iTunes backup may be able to determine the backup password", "links": [ "https://support.apple.com/en-us/HT207271" ], "module": "iTunes Backup", "rsr": "", "update": "November 14, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)", "description": "An access control issue in the Address Book was addressed through improved file-link validation.", "id": "CVE-2016-4686", "impact": "An application may be able to maintain access to the Address Book after access is revoked in Settings", "links": [ "https://support.apple.com/en-us/HT207271" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Simon Huang of Alipay company, thelongestusernameofall@gmail.com", "description": "A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2016-4688", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "FontParser", "rsr": "", "update": "November 27, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "S/MIME policy failed to check if a certificate was valid. This issue was addressed by notifying a user if an email was signed with a revoked certificate.", "id": "CVE-2016-4689", "impact": "An email signed with a revoked certificate may appear valid", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Andy Davis of NCC Group", "description": "A validation issue existed in the handling of USB image devices. This issue was addressed through improved input validation.", "id": "CVE-2016-4690", "impact": "A malicious HID device may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Image Capture", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2016-4691", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4692", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ga\u00ebtan Leurent and Karthikeyan Bhargavan from INRIA Paris", "description": "3DES was removed as a default cipher.", "id": "CVE-2016-4693", "impact": "An attacker may be able to exploit weaknesses in the 3DES cryptographic algorithm", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later", "macOS Sierra 10.12" ], "credit": "Dominic Scheirlinck and Scott Geary of Vend", "description": "An issue existed in the handling of the HTTP_PROXY environment variable. This issue was addressed by not setting the HTTP_PROXY environment variable from CGI.", "id": "CVE-2016-4694", "impact": "A remote attacker may be able to proxy traffic through an arbitrary server", "links": [ "https://support.apple.com/en-us/HT207170", "https://support.apple.com/en-us/HT207171" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Mark S. Miller of Google", "description": "A validation issue existed in processing JavaScript. This issue was addressed through improved validation.", "id": "CVE-2016-4695", "impact": "A script executing in a JavaScript sandbox may be able to access state outside that sandbox", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207425" ], "module": "JavaScriptCore", "rsr": "", "update": "August 16, 2017" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Shrek_wzw of Qihoo 360 Nirvan Team", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-4696", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "AppleEFIRuntime", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4697", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Apple HSSPI Support", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Pedro Vila\u00e7a", "description": "A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.", "id": "CVE-2016-4698", "impact": "A local application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-4699", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "AppleUUC", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-4700", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "AppleUUC", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Meder Kydyraliev Google Security Team", "description": "A validation issue existed in the handling of firewall prompts. This issue was addressed through improved validation of SO_EXECPATH.", "id": "CVE-2016-4701", "impact": "A local user may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Application Firewall", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University.", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4702", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Juwei Lin (@fuzzerDOTcn) of Trend Micro", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4703", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "Shrek_wzw of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4704", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207140" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11.5 and later" ], "credit": "riusksk of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4705", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207140" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Recurity Labs on behalf of BSI (German Federal Office for Information Security)", "description": "An input validation issue was addressed through improved memory handling.", "id": "CVE-2016-4706", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "cd9660", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.", "id": "CVE-2016-4707", "impact": "A local user may be able to discover websites a user has visited", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Dawid Czagan of Silesia Security Lab", "description": "An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.", "id": "CVE-2016-4708", "impact": "Processing maliciously crafted web content may compromise user information", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-4709", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "WindowServer", "rsr": "", "update": "November 15, 2016" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-4710", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "WindowServer", "rsr": "", "update": "November 15, 2016" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Max Lohrmann", "description": "An input validation issue existed in corecrypto. This issue was addressed through improved input validation.", "id": "CVE-2016-4711", "impact": "An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "CommonCrypto", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Gergo Koteles", "description": "An out-of-bounds write issue was addressed by removing the vulnerable code.", "id": "CVE-2016-4712", "impact": "An application may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "CoreCrypto", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Ruggero Alberti", "description": "A session management issue existed in the handling of screen sharing sessions. This issue was addressed through improved session tracking.", "id": "CVE-2016-4713", "impact": "A user with screen sharing access may be able to view another user's screen", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "CoreDisplay", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Taiki (@Taiki__San) at ESIEA (Paris)", "description": "An issue existed in the handling of the .GlobalPreferences file. This was addressed though improved validation.", "id": "CVE-2016-4715", "impact": "A malicious application may be able to determine a user's current location", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Date & Time Pref Pane", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Alexander Allen of The North Carolina School of Science and Mathematics", "description": "An access issue existed in diskutil. This issue was addressed through improved permissions checking.", "id": "CVE-2016-4716", "impact": "A local user may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Tom Bradley of 71Squared Ltd", "description": "A resource management issue existed in the handling of scoped bookmarks. This issue was addressed through improved file descriptor handling.", "id": "CVE-2016-4717", "impact": "A local application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2016-4718", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)", "description": "A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.", "id": "CVE-2016-4719", "impact": "An application may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207143" ], "module": "GeoServices", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Martin Vigo (@martin_vigo) of salesforce.com", "description": "An impersonation issue existed in the handling of call switching. This issue was addressed through improved handling of \"switch caller\" notifications.", "id": "CVE-2016-4721", "impact": "An attacker in a privileged network position may be able to trick a user on a multi-party call into believing they are talking to the other party", "links": [ "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "IDS - Connectivity", "rsr": "", "update": "October 27, 2016" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Martin Vigo (@martin_vigo) of salesforce.com", "description": "A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.", "id": "CVE-2016-4722", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "IDS - Connectivity", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "daybreaker of Minionz", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4723", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Cererdlong, Eakerqiu of Team OverSky", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-4724", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Rodger Combs of Plex, Inc", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4725", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4726", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "wmin working with Trend Micros Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4727", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "IOThunderboltFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Daniel Divricean", "description": "A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.", "id": "CVE-2016-4728", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4729", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4730", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4731", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "natashenka of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-4733", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "natashenka of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4734", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Andr\u00e9 Bargull", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4735", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues existed in libarchive. These issues were addressed through improved input validation.", "id": "CVE-2016-4736", "impact": "Multiple issues in libarchive", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4737", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Nick Wellnhofer", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4738", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Magnus Skjegstad, David Scott and Anil Madhavapeddy from Docker, Inc.", "description": "Applications using VMnet.framework enabled a DNS proxy listening on all network interfaces. This issue was addressed by restricting DNS query responses to local interfaces.", "id": "CVE-2016-4739", "impact": "A remote attacker may be able to view sensitive information", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Step Wallace", "description": "An issue existed when using Handoff for Messages. This issue was resolved via better state management.", "id": "CVE-2016-4740", "impact": "Messages may be visible on a device that has not signed in to Messages", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Raul Siles of DinoSec", "description": "An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates.", "id": "CVE-2016-4741", "impact": "An attacker in a privileged network position may be able to block a device from receiving software updates", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Rick Fillion of AgileBits, Daniel Jalkut of Red Sweater Software", "description": "A state management issue existed in NSSecureTextField, which failed to enable Secure Input. This issue was addressed through improved window management.", "id": "CVE-2016-4742", "impact": "A malicious application may be able to leak a user's credentials", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "NSSecureTextField", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Alan Cutter", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-4743", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "an anonymous researcher", "description": "A timing side channel allowed an attacker to determine the existence of user accounts on a system. This issue was addressed by introducing constant time checks.", "id": "CVE-2016-4745", "impact": "A remote attacker may determine the existence of user accounts", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Kerberos v5 PAM module", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Antoine M of France", "description": "The iOS keyboard was inadvertently caching sensitive information. This issue was addressed through improved heuristics.", "id": "CVE-2016-4746", "impact": "Keyboard auto correct suggestions may reveal sensitive information", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Dave Aitel", "description": "An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections.", "id": "CVE-2016-4747", "impact": "An attacker with a privileged network position may be able to intercept mail credentials", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Stephane Chazelas", "description": "An issue existed in the parsing of environment variables. This issue was addressed through improved validation of environment variables.", "id": "CVE-2016-4748", "impact": "A local user may be able to bypass the taint protection mechanism", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Scott Alexander (@gooshy)", "description": "An issue existed in AirPrint preview. This was addressed through improved environment sanitization.", "id": "CVE-2016-4749", "impact": "An unencrypted document may be written to a temporary file when using AirPrint preview", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Printing UIKit", "rsr": "", "update": "September 12, 2018" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4750", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "S2 Camera", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12" ], "credit": "Daniel Chatfield of Monzo Bank", "description": "A state management issue existed in the handling of tab sessions. This issue was addressed through session state management.", "id": "CVE-2016-4751", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207157" ], "module": "Safari Tabs", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Mark Rogers of PowerMapper Software", "description": "A resource management issue existed in the handling of key derivation. This issue was addressed by adding CF_RETURNS_RETAINED to SecKeyDeriveFromPassword.", "id": "CVE-2016-4752", "impact": "An application using SecKeyDeriveFromPassword may leak memory", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Mark Mentovai of Google Inc.", "description": "A validation issue existed in signed disk images. This issue was addressed through improved size validation.", "id": "CVE-2016-4753", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "Pepi Zawodsky", "description": "RC4 was removed as a supported cipher.", "id": "CVE-2016-4754", "impact": "An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm", "links": [ "https://support.apple.com/en-us/HT207171" ], "module": "ServerDocs Server", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Axel Luttgens", "description": "A permissions issue existed in .bash_history and .bash_session. This issue was addressed through improved access restrictions.", "id": "CVE-2016-4755", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Terminal", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Masato Kinugawa of Cure53", "description": "A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.", "id": "CVE-2016-4758", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Tongbo Luo of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4759", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Jordan Milne", "description": "Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.", "id": "CVE-2016-4760", "impact": "A malicious website may be able to access non-HTTP services", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Zheng Huang of Baidu Security Lab", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4762", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207147", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.", "id": "CVE-2016-4763", "impact": "An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Available for: Windows 7 and later", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-4764", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "November 3, 2016" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-4765", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4766", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4767", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Anonymous working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4768", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later" ], "credit": "Tongbo Luo of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4769", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207157", "https://support.apple.com/en-us/HT207158" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Balazs Bucsay, Research Director of MRG Effitas", "description": "A parsing issue in the handling of directory paths was addressed through improved path validation.", "id": "CVE-2016-4771", "impact": "A local application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Marc Heuse of mh-sec", "description": "A lock handling issue was addressed through improved lock handling.", "id": "CVE-2016-4772", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Brandon Azad", "description": "Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.", "id": "CVE-2016-4773", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Brandon Azad", "description": "Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.", "id": "CVE-2016-4774", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4775", "impact": "A local user may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Brandon Azad", "description": "Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.", "id": "CVE-2016-4776", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "An untrusted pointer dereference was addressed by removing the affected code.", "id": "CVE-2016-4777", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "CESG", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-4778", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "riusksk of Tencent Security Platform Department", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-4779", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12" ], "credit": "sweetchip of Grayhash", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-4780", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207275" ], "module": "Thunderbolt", "rsr": "", "update": "November 29, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "In some cases, a counter issue existed in the handling of passcode attempts when resetting the passcode. This was addressed through improved state management.", "id": "CVE-2016-4781", "impact": "A person with physical access to an iOS device may be able to unlock the device", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "SpringBoard", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36.", "id": "CVE-2016-5093", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36.", "id": "CVE-2016-5094", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later" ], "credit": "", "description": "Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36.", "id": "CVE-2016-5096", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT206903" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Lion v10.7.5 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Nick Wellnhofer", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-5131", "impact": "Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207141", "https://support.apple.com/en-us/HT207142", "https://support.apple.com/en-us/HT207143", "https://support.apple.com/en-us/HT207170" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-5419", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-5420", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-5421", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5768", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5769", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5770", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5771", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5772", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-5773", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6174", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6288", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6289", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6290", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6291", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6292", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6294", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6295", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6296", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "", "description": "Multiple issues in PHP were addressed by updating PHP to version 5.6.24.", "id": "CVE-2016-6297", "impact": "Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "An overflow issue existed in MDC2_Update(). This issue was addressed through improved input validation.", "id": "CVE-2016-6303", "impact": "An application may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1", "macOS Sierra 10.12.1 and OS X El Capitan v10.11.6" ], "credit": "", "description": "A denial of service issue in unbounded OCSP growth was addressed through improved memory handling.", "id": "CVE-2016-6304", "impact": "An attacker with a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "LibreSSL", "rsr": "", "update": "December 14, 2016" }, { "available": [ "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Apple", "description": "A buffer overflow existed within the \"link_ntoa()\" function in linkaddr.c. This issue was addressed through additional bounds checking.", "id": "CVE-2016-6559", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904" ], "module": "Libc", "rsr": "", "update": "January 10, 2017" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-7141", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-7167", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7411", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7412", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7413", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7414", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7416", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7417", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.26. These were addressed by updating PHP to version 5.6.26.", "id": "CVE-2016-7418", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "qwertyoruiop", "description": "A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.", "id": "CVE-2016-7576", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT206902" ], "module": "GasGauge", "rsr": "", "update": "September 27, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Martin Vigo (@martin_vigo) of salesforce.com", "description": "User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved protocol logic.", "id": "CVE-2016-7577", "impact": "An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated", "links": [ "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "FaceTime", "rsr": "", "update": "October 27, 2016" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-7578", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207272", "https://support.apple.com/en-us/HT207273", "https://support.apple.com/en-us/HT207274" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Jerry Decime", "description": "A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts.", "id": "CVE-2016-7579", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Sabri Haddouche (@pwnsdx)", "description": "A denial of service issue was addressed through improved URL handling.", "id": "CVE-2016-7580", "impact": "A malicious website may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Mail", "rsr": "", "update": "December 1, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Sabri Haddouche (@pwnsdx)", "description": "A denial of service issue was addressed through improved URL handling.", "id": "CVE-2016-7581", "impact": "A malicious website may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT207271" ], "module": "Safari", "rsr": "", "update": "December 1, 2016" }, { "available": [ "OS X Lion v10.7.5 and later" ], "credit": "Liang Chen of Tencent KeenLab", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7582", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207170" ], "module": "Intel Graphics Driver", "rsr": "", "update": "November 14, 2016" }, { "available": [ "Windows 7 and later" ], "credit": "Nitesh Kumar Shilpkar", "description": "A dynamic library loading issue existed in iCloud setup. This was addressed through improved path searching.", "id": "CVE-2016-7583", "impact": "Running the iCloud installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207273" ], "module": "iCloud", "rsr": "", "update": "November 27, 2016" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Mark Mentovai and Boris Vidolov of Google Inc.", "description": "A validation issue existed in the handling of code signatures. This issue was addressed through additional validation.", "id": "CVE-2016-7584", "impact": "A signed executable may substitute code with the same team ID", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "December 6, 2016" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Boris Zbarsky", "description": "A validation issue was addressed through improved state management.", "id": "CVE-2016-7586", "impact": "Processing maliciously crafted web content may result in the disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Adam Klein", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7587", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "dragonltx of Huawei 2012 Laboratories", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7588", "impact": "Processing a maliciously crafted .mp4 file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved state management.", "id": "CVE-2016-7589", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "daybreaker of Minionz", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7591", "impact": "A local application with system privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An issue existed in handling of JavaScript prompts. This was addressed through improved state management.", "id": "CVE-2016-7592", "impact": "Processing maliciously crafted web content may compromise user information", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Andr\u00e9 Bargull", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7594", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2016-7595", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5" ], "credit": "Pekka Oikarainen, Matias Karhumaa and Marko Laakso of Synopsys Software Integrity Group", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7596", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Bluetooth", "rsr": "", "update": "December 14, 2016" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "A cleanup issue existed in the handling of Handoff with Siri. This was addressed through improved state management.", "id": "CVE-2016-7597", "impact": "A person with physical access to an iOS device may be able to keep the device unlocked", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "SpringBoard", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Samuel Gro\u00df", "description": "An uninitialized memory access issue was addressed through improved memory initialization.", "id": "CVE-2016-7598", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Muneaki Nishimura (nishimunea) of Recruit Technologies Co., Ltd.", "description": "An issue existed in the handling of HTTP redirects. This issue was addressed through improved cross origin validation.", "id": "CVE-2016-7599", "impact": "Processing maliciously crafted web content may result in the disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Perette Barella of DeviousFish.com", "description": "PAM authentication within sandboxed applications failed insecurely. This was addressed with improved error handling.", "id": "CVE-2016-7600", "impact": "A local unprivileged user may gain access to privileged applications", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "OpenPAM", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "A logic issue existed in the handling of the idle timer when the Touch ID prompt is shown. This issue was addressed through improved handling of the idle timer.", "id": "CVE-2016-7601", "impact": "The device may not lock the screen after the idle timeout", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Local Authentication", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7602", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-7603", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "CoreStorage", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1 and OS X El Capitan v10.11.6" ], "credit": "daybreaker of Minionz", "description": "A null pointer dereference was addressed through improved state management.", "id": "CVE-2016-7604", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "CoreCapture", "rsr": "", "update": "December 14, 2016" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "daybreaker of Minionz", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-7605", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "@cocoahuke, Chen Qin of Topsec Alpha Team (topsec.com)", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-7606", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Brandon Azad", "description": "An insufficient initialization issue was addressed by properly initializing memory returned to user space.", "id": "CVE-2016-7607", "impact": "An application may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7608", "impact": "A local attacker may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-7609", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Zheng Huang of the Baidu Security Lab working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7610", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7611", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-7612", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple object lifetime issues existed when spawning new processes. These were addressed through improved validation.", "id": "CVE-2016-7613", "impact": "A local application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT207269", "https://support.apple.com/en-us/HT207270", "https://support.apple.com/en-us/HT207271", "https://support.apple.com/en-us/HT207275" ], "module": "Kernel", "rsr": "", "update": "November 1, 2016" }, { "available": [ "Windows 7 and later" ], "credit": "Yakir Wizman", "description": "The iCloud desktop client failed to clear sensitive information in memory. This issue was addressed through improved memory handling.", "id": "CVE-2016-7614", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207424" ], "module": "Windows Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2016-7615", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7616", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Radu Motspan working with Trend Micro's Zero Day Initiative, Ian Beer of Google Project Zero", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-7617", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7618", "impact": "Opening a maliciously crafted .gcx file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "an anonymous researcher", "description": "A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks.", "id": "CVE-2016-7619", "impact": "A local attacker may be able to overwrite existing files", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A shared memory issue was addressed through improved memory handling.", "id": "CVE-2016-7620", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7621", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7622", "impact": "Opening a maliciously crafted .gcx file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Grapher", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.1", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An issue existed in the handling of blob URLs. This issue was addressed through improved URL handling.", "id": "CVE-2016-7623", "impact": "Visiting a maliciously crafted website may compromise user information", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422" ], "module": "WebKit", "rsr": "", "update": "December 14, 2016" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A shared memory issue was addressed through improved memory handling.", "id": "CVE-2016-7624", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A shared memory issue was addressed through improved memory handling.", "id": "CVE-2016-7625", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Maksymilian Arciemowicz (cxsecurity.com)", "description": "A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation.", "id": "CVE-2016-7626", "impact": "Opening a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207425" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "TRAPMINE Inc. & Meysam Firouzi @R00tkitSMM", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-7627", "impact": "Processing a maliciously crafted font file may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Marcel Bresink of Marcel Bresink Software-Systeme", "description": "A permissions issue existed in mobile assets. This issue was addressed through improved access restrictions.", "id": "CVE-2016-7628", "impact": "A local attacker may modify downloaded mobile assets", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Assets", "rsr": "", "update": "December 15, 2016" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "@cocoahuke", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7629", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Marco Grassi (@marcograss) of KeenLab (@keen_lab) Tencent working with Trend Micro's Zero Day Initiative", "description": "A sandbox escape issue was addressed through additional restrictions.", "id": "CVE-2016-7630", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "WebSheet", "rsr": "", "update": "January 25, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Jeonghoon Shin", "description": "A memory corruption issue was addressed through improved state management.", "id": "CVE-2016-7632", "impact": "Processing maliciously crafted web content may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7633", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Directory Services", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Davut Hari, Biren V. Soni, Cameron Lee", "description": "A disclosure issue existed in the handling of passwords. This issue was addressed by disabling the speaking of passwords.", "id": "CVE-2016-7634", "impact": "A nearby user may be able to overhear spoken passwords", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Accessibility", "rsr": "", "update": "January 10, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-7635", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Maksymilian Arciemowicz (cxsecurity.com)", "description": "A validation issue existed in the handling of OCSP responder URLs. This issue was addressed by verifying OCSP revocation status after CA validation and limiting the number of OCSP requests per certificate.", "id": "CVE-2016-7636", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7637", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher, Sezer Sakiner", "description": "A state management issue existed in the handling of authentication information. This issue was addressed through improved storage of account information.", "id": "CVE-2016-7638", "impact": "An attacker with an unlocked device may be able to disable Find My iPhone", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Find My iPhone", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Tongbo Luo of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7639", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7640", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7641", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Tongbo Luo of Palo Alto Networks", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7642", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Yangkang (@dnpushme) of Qihoo360 Qex Team", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2016-7643", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7644", "impact": "A local application with system privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7645", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7646", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2016-7647", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Kernel", "rsr": "", "update": "May 17, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7648", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7649", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Erling Ellingsen", "description": "Multiple validation issues were addressed through improved input sanitization.", "id": "CVE-2016-7650", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ju Zhu and Lilang Wu of Trend Micro", "description": "This issue was addressed through improved sanitization.", "id": "CVE-2016-7651", "impact": "An issue existed which did not reset the authorization settings on app uninstall", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2016-7652", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "", "description": "A validation issue existed in the handling of media selection. This issue was addressed through improved validation.", "id": "CVE-2016-7653", "impact": "A user may be able to view photos and contacts from the lockscreen", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Media Player", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Keen Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2016-7654", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Keen Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2016-7655", "impact": "A local application may be able to execute arbitrary code in the context of the mediaserver daemon", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreMedia External Displays", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Keen Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved state management.", "id": "CVE-2016-7656", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207421", "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207424", "https://support.apple.com/en-us/HT207425", "https://support.apple.com/en-us/HT207427" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Keen Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7657", "impact": "An application may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Haohao Kong of Keen Lab (@keen_lab) of Tencent", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7658", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Haohao Kong of Keen Lab (@keen_lab) of Tencent", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7659", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An issue in mach port name references was addressed through improved validation.", "id": "CVE-2016-7660", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "syslog", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An issue in mach port name references was addressed through improved validation.", "id": "CVE-2016-7661", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Apple", "description": "A certificate evaluation issue existed in certificate validation. This issue was addressed through additional validation of certificates.", "id": "CVE-2016-7662", "impact": "Certificates may be unexpectedly evaluated as trusted", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "an anonymous researcher", "description": "A memory corruption issue existed in the processing of strings. This issue was addressed through improved bounds checking.", "id": "CVE-2016-7663", "impact": "Processing malicious strings may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Miguel Alvarado of iDeviceHelp", "description": "A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2016-7664", "impact": "A person with physical access to an iOS device may be able to access photos and contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Moataz El Gaml of Schlumberger, Daniel Schurter of watson.ch and Marc Ruef of scip AG", "description": "A denial of service issue existed in the handling of video. This issue was addressed through improved input validation.", "id": "CVE-2016-7665", "impact": "Watching a maliciously crafted video may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Graphics Driver", "rsr": "", "update": "December 15, 2016" }, { "available": [ "iTunes Producer 3.1.1, OS X v10.6 and later (64 bit), Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)" ], "credit": "Craig Arendt of Stratum Security", "description": "An information disclosure issue existed in the parsing of EPUB. This issue was addressed through improved parsing.", "id": "CVE-2016-7666", "impact": "Parsing maliciously crafted EPUB may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207432" ], "module": "iTMSTransporter", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Nasser Al-Hadhrami (@fast_hack), Saif Al-Hinai (welcom_there) of Digital Unit (dgunit.com)", "description": "An issue when rendering overlapping ranges was addressed through improved validation.", "id": "CVE-2016-7667", "impact": "Processing a maliciously crafted string may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "CoreText", "rsr": "", "update": "December 15, 2016" }, { "available": [ "iOS 10.0 and later", "macOS 10.12 and later" ], "credit": "Reno Robert", "description": "A memory corruption issue existed in parsing a maliciously crafted document. This issue was addressed through improved memory handling.", "id": "CVE-2016-7672", "impact": "Opening a maliciously crafted document may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207623", "https://support.apple.com/en-us/HT207644" ], "module": "Pages, Numbers, and Keynote", "rsr": "", "update": "April 3, 2017" }, { "available": [ "All Apple Watch models" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple policy enforcement issues with Wi-Fi sharing. These issues were addressed with improved entitlement checks.", "id": "CVE-2016-7699", "impact": "App extensions may obtain internet access", "links": [ "https://support.apple.com/en-us/HT207141" ], "module": "Wi-Fi Manager", "rsr": "", "update": "May 17, 2017" }, { "available": [ "Apple TV (4th generation)", "Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes", "OS X El Capitan v10.11 and later", "iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later" ], "credit": "Craig Young of Tripwire VERT", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7705", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT206902", "https://support.apple.com/en-us/HT206903", "https://support.apple.com/en-us/HT206904", "https://support.apple.com/en-us/HT206905" ], "module": "ImageIO", "rsr": "", "update": "November 30, 2017" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.1" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A shared memory issue was addressed through improved memory handling.", "id": "CVE-2016-7714", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207422", "https://support.apple.com/en-us/HT207423", "https://support.apple.com/en-us/HT207425" ], "module": "IOKit", "rsr": "", "update": "January 25, 2017" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Gareth Evans of Context Information Security", "description": "The use of an uninitialized variable was addressed through improved validation.", "id": "CVE-2016-7742", "impact": "Opening a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "xar", "rsr": "", "update": "January 10, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Fatma Y\u0131lmaz of Ptt Genel M\u00fcd\u00fcrl\u00fc\u011f\u00fc from Ankara", "description": "An issue existed in Springboard which displayed cached snapshots containing sensitive data in the Task Switcher. This issue was addressed by displaying updated snapshots.", "id": "CVE-2016-7759", "impact": "Sensitive data may be exposed in application snapshots presented in the Task Switcher", "links": [ "https://support.apple.com/en-us/HT207143" ], "module": "Springboard", "rsr": "", "update": "January 17, 2017" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "Peter Loos, Karlsruhe, Germany", "description": "Network configuration was unexpectedly global. This issue was addressed by moving sensitive network configuration to per-user settings.", "id": "CVE-2016-7761", "impact": "A malicious local user may be able to view sensitive network configuration information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "Wi-Fi", "rsr": "", "update": "January 24, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "YongShao (Zhiyong Feng from JDSEC 1aq.com\u200d)", "description": "An issue existed in displaying documents in Safari. This issue was addressed through improved input validation.", "id": "CVE-2016-7762", "impact": "Processing maliciously crafted web content may lead to cross site scripting", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "WebKit", "rsr": "", "update": "January 24, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "CongRong (@Tr3jer)", "description": "The clipboard contents were accessible before device unlock. This issue was addressed through improved state management.", "id": "CVE-2016-7765", "impact": "A local attacker may be able to access clipboard contents", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Clipboard", "rsr": "", "update": "January 17, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Jun Yang(\u6768\u541b) of Tencent's WeiXin Group", "description": "An access issue was addressed through additional sandbox restrictions on third party applications.", "id": "CVE-2016-7766", "impact": "A malicious application may gain access to a device's MAC address", "links": [ "https://support.apple.com/en-us/HT207422" ], "module": "Kernel", "rsr": "", "update": "May 31, 2017" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8615", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8616", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8617", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8618", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8619", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8620", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8621", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8622", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8623", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8624", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.1" ], "credit": "", "description": "Multiple issues existed in curl. These issues were addressed by updating to curl version 7.51.0.", "id": "CVE-2016-8625", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207423" ], "module": "curl", "rsr": "", "update": "" } ] ================================================ FILE: 2016/README.md ================================================ # Apple CVE 2016 * data source: https://support.apple.com/en-us/HT201222 * [2016.json](2016.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 102 | | 2 | Kernel | 46 | | 3 | apache_mod_php | 36 | | 4 | libxml2 | 31 | | 5 | QuickTime | 20 | | 6 | curl | 17 | | 7 | IOAcceleratorFamily | 14 | | 8 | ImageIO | 13 | | 9 | IDE Xcode Server | 10 | | 10 | IOHIDFamily | 9 | | 11 | libxslt | 9 | | 12 | Intel Graphics Driver | 9 | | 13 | Audio | 9 | | 14 | FontParser | 8 | | 15 | Security | 8 | | 16 | OpenSSL | 6 | | 17 | Bluetooth | 6 | | 18 | Messages | 6 | | 19 | ATS | 5 | | 20 | Safari | 4 | | 21 | IOKit | 4 | | 22 | Libc | 4 | | 23 | Code Signing | 4 | | 24 | OpenSSH | 4 | | 25 | CoreText | 4 | | 26 | Disk Images | 4 | | 27 | NVIDIA Graphics Drivers | 4 | | 28 | WebKit Page Loading | 4 | | 29 | CFNetwork Proxies | 4 | | 30 | Sandbox Profiles | 4 | | 31 | CoreGraphics | 4 | | 32 | Login Window | 4 | | 33 | libxpc | 3 | | 34 | CoreMedia Playback | 3 | | 35 | Wi-Fi | 3 | | 36 | AppleGraphicsPowerManagement | 3 | | 37 | IOFireWireFamily | 3 | | 38 | otool | 3 | | 39 | Accessibility | 3 | | 40 | AppleGraphicsControl | 3 | | 41 | LibreSSL | 3 | | 42 | CFNetwork | 3 | | 43 | libarchive | 3 | | 44 | Mail | 3 | | 45 | Python | 2 | | 46 | subversion | 2 | | 47 | syslog | 2 | | 48 | WebSheet | 2 | | 49 | AppleRAID | 2 | | 50 | IOGraphics | 2 | | 51 | Profiles | 2 | | 52 | AMD | 2 | | 53 | CommonCrypto | 2 | | 54 | CoreCapture | 2 | | 55 | CoreStorage | 2 | | 56 | Graphics Drivers | 2 | | 57 | IOAudioFamily | 2 | | 58 | Git | 2 | | 59 | Safari Reader | 2 | | 60 | IOSurface | 2 | | 61 | FaceTime | 2 | | 62 | AppleMobileFileIntegrity | 2 | | 63 | AppleUUC | 2 | | 64 | WindowServer | 2 | | 65 | IDS - Connectivity | 2 | | 66 | Assets | 2 | | 67 | SpringBoard | 2 | | 68 | bsdiff | 1 | | 69 | Location Framework | 1 | | 70 | bootp | 1 | | 71 | CloudKit | 1 | | 72 | Office Viewer | 1 | | 73 | CFPreferences | 1 | | 74 | DiskImages | 1 | | 75 | Sandbox_profiles | 1 | | 76 | libpthread | 1 | | 77 | QL Office | 1 | | 78 | Libinfo | 1 | | 79 | AirPort Base Station Firmware | 1 | | 80 | Ruby | 1 | | 81 | HTTPProtocol | 1 | | 82 | libexpat | 1 | | 83 | WebKit CSS | 1 | | 84 | OSA Scripts | 1 | | 85 | Apple Software Update | 1 | | 86 | AppleUSBNetworking | 1 | | 87 | Carbon | 1 | | 88 | dyld | 1 | | 89 | iTunes | 1 | | 90 | IOUSBFamily | 1 | | 91 | LaunchServices | 1 | | 92 | Reminders | 1 | | 93 | Safari Downloads | 1 | | 94 | Safari Top Sites | 1 | | 95 | Server App | 1 | | 96 | TrueTypeScaler | 1 | | 97 | Web Server | 1 | | 98 | OpenLDAP | 1 | | 99 | WebKit History | 1 | | 100 | Wiki Server | 1 | | 101 | iBooks Author | 1 | | 102 | Captive Network Assistant | 1 | | 103 | Multi-Touch | 1 | | 104 | Crash Reporter | 1 | | 105 | Disk Utility | 1 | | 106 | libc | 1 | | 107 | MapKit | 1 | | 108 | OpenGL | 1 | | 109 | SceneKit | 1 | | 110 | Screen Lock | 1 | | 111 | Siri | 1 | | 112 | Tcl | 1 | | 113 | WebKit Canvas | 1 | | 114 | Siri Contacts | 1 | | 115 | Safari Login AutoFill | 1 | | 116 | Web Media | 1 | | 117 | Calendar | 1 | | 118 | libc++abi | 1 | | 119 | CFNetwork Credentials | 1 | | 120 | WebKit JavaScript Bindings | 1 | | 121 | IOMobileFrameBuffer | 1 | | 122 | ntfs | 1 | | 123 | AppleSMC | 1 | | 124 | Core Image | 1 | | 125 | iTunes Backup | 1 | | 126 | Contacts | 1 | | 127 | Image Capture | 1 | | 128 | apache | 1 | | 129 | JavaScriptCore | 1 | | 130 | AppleEFIRuntime | 1 | | 131 | Apple HSSPI Support | 1 | | 132 | Application Firewall | 1 | | 133 | cd9660 | 1 | | 134 | CoreCrypto | 1 | | 135 | CoreDisplay | 1 | | 136 | Date & Time Pref Pane | 1 | | 137 | DiskArbitration | 1 | | 138 | File Bookmark | 1 | | 139 | GeoServices | 1 | | 140 | IOThunderboltFamily | 1 | | 141 | mDNSResponder | 1 | | 142 | NSSecureTextField | 1 | | 143 | Kerberos v5 PAM module | 1 | | 144 | Keyboards | 1 | | 145 | Perl | 1 | | 146 | Printing UIKit | 1 | | 147 | S2 Camera | 1 | | 148 | Safari Tabs | 1 | | 149 | ServerDocs Server | 1 | | 150 | Terminal | 1 | | 151 | Thunderbolt | 1 | | 152 | GasGauge | 1 | | 153 | iCloud | 1 | | 154 | ICU | 1 | | 155 | OpenPAM | 1 | | 156 | Local Authentication | 1 | | 157 | Windows Security | 1 | | 158 | Foundation | 1 | | 159 | Grapher | 1 | | 160 | kext tools | 1 | | 161 | Directory Services | 1 | | 162 | Find My iPhone | 1 | | 163 | Accounts | 1 | | 164 | Media Player | 1 | | 165 | CoreMedia External Displays | 1 | | 166 | Power Management | 1 | | 167 | CoreFoundation | 1 | | 168 | Graphics Driver | 1 | | 169 | iTMSTransporter | 1 | | 170 | Pages, Numbers, and Keynote | 1 | | 171 | Wi-Fi Manager | 1 | | 172 | xar | 1 | | 173 | Springboard | 1 | | 174 | Clipboard | 1 | ================================================ FILE: 2017/2017.json ================================================ [ { "available": [ "macOS 10.12.4 and later" ], "credit": "", "description": "This issue was addressed by adding mod_reqtimeout.", "id": "CVE-2007-6750", "impact": "A remote attacker may be able to cause a denial of service against the HTTP server via partial HTTP requests", "links": [ "https://support.apple.com/en-us/HT207604" ], "module": "Web Server", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2009-3270", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2009-3560", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2009-3720", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2012-1147", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2012-1148", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2012-6702", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2013-7443", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2015-1283", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2015-3414", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2015-3415", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2015-3416", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2015-3717", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2015-6607", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2016-0718", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.3", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2016-0736", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS 10.12.4 and later" ], "credit": "", "description": "A crafted request may cause a global cache to grow indefinitely, leading to a denial-of-service. This was addressed by not caching unknown MIME types.", "id": "CVE-2016-0751", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT207604" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in OpenSSH before version 7.4. These were addressed by updating OpenSSH to version 7.4.", "id": "CVE-2016-10009", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in OpenSSH before version 7.4. These were addressed by updating OpenSSH to version 7.4.", "id": "CVE-2016-10010", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in OpenSSH before version 7.4. These were addressed by updating OpenSSH to version 7.4.", "id": "CVE-2016-10011", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in OpenSSH before version 7.4. These were addressed by updating OpenSSH to version 7.4.", "id": "CVE-2016-10012", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30.", "id": "CVE-2016-10158", "impact": "Multiple issues existed in PHP before 5.6.30", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30.", "id": "CVE-2016-10159", "impact": "Multiple issues existed in PHP before 5.6.30", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30.", "id": "CVE-2016-10160", "impact": "Multiple issues existed in PHP before 5.6.30", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30.", "id": "CVE-2016-10161", "impact": "Multiple issues existed in PHP before 5.6.30", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "Florian Larysch", "description": "An input validation issue existed in modelines. This was addressed through improved input validation.", "id": "CVE-2016-1248", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.3", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2016-2161", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in ImageIO to version 4.0.7.", "id": "CVE-2016-3619", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2016-4472", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "OS X El Capitan v10.11.6 and OS X Yosemite v10.10.5" ], "credit": "Simon Huang of Alipay company", "description": "A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2016-4688", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487", "https://support.apple.com/en-us/HT207615" ], "module": "FontParser", "rsr": "", "update": "April 11, 2017" }, { "available": [ "All Apple Watch models" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2016-4691", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ga\u00ebtan Leurent and Karthikeyan Bhargavan from INRIA Paris", "description": "3DES was removed as a default cipher.", "id": "CVE-2016-4693", "impact": "An attacker may be able to exploit weaknesses in the 3DES cryptographic algorithm", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2016-4736", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libarchive", "rsr": "", "update": "December 21, 2017" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in expat. These issues were addressed by updating expat to version 2.2.0.", "id": "CVE-2016-5300", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.3", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2016-5387", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "A memory corruption issue existed in the handling of zip archives. This issue was addressed through improved input validation.", "id": "CVE-2016-5636", "impact": "Processing maliciously crafted zip archives with Python may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "python", "rsr": "", "update": "" }, { "available": [ "OS X Mavericks v10.9.5 and later", "Windows 7 and later" ], "credit": "", "description": "Multiple issues existed in SQLite. These issues were addressed by updating SQLite to version 3.15.2.", "id": "CVE-2016-6153", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT207598", "https://support.apple.com/en-us/HT207599" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3", "macOS Sierra 10.12.3 and OS X El Capitan v10.11.6" ], "credit": "Cesar Pereida Garc\u00eda and Billy Brumley (Tampere University of Technology)", "description": "A timing side channel allowed an attacker to recover keys. This issue was addressed by introducing constant time computation.", "id": "CVE-2016-7056", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "LibreSSL", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Ulf Frisk (@UlfFrisk)", "description": "An issue existed in the handling of DMA. This issue was addressed by enabling VT-d in EFI.", "id": "CVE-2016-7585", "impact": "A malicious Thunderbolt adapter may be able to recover the FileVault 2 encryption password", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "dragonltx of Huawei 2012 Laboratories", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7588", "impact": "Processing a maliciously crafted .mp4 file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved state management.", "id": "CVE-2016-7589", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "daybreaker of Minionz", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7591", "impact": "A local application with system privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Andr\u00e9 Bargull", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2016-7594", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "riusksk(\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.", "id": "CVE-2016-7595", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Chen Qin of Topsec Alpha Team (topsec.com), @cocoahuke", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-7606", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Brandon Azad", "description": "An insufficient initialization issue was addressed by properly initializing memory returned to user space.", "id": "CVE-2016-7607", "impact": "An application may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-7612", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2016-7615", "impact": "A local user may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "daybreaker@Minionz working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7616", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "an anonymous researcher", "description": "A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks.", "id": "CVE-2016-7619", "impact": "A local attacker may be able to overwrite existing files", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7621", "impact": "A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Maksymilian Arciemowicz (cxsecurity.com)", "description": "A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation.", "id": "CVE-2016-7626", "impact": "Opening a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "TRAPMINE Inc. & Meysam Firouzi @R00tkitSMM", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2016-7627", "impact": "Processing a maliciously crafted font file may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Maksymilian Arciemowicz (cxsecurity.com)", "description": "A validation issue existed in the handling of OCSP responder URLs. This issue was addressed by verifying OCSP revocation status after CA validation and limiting the number of OCSP requests per certificate.", "id": "CVE-2016-7636", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7637", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Yangkang (@dnpushme) of Qihoo360 Qex Team", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2016-7643", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2016-7644", "impact": "A local application with system privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2016-7647", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models" ], "credit": "Ju Zhu and Lilang Wu of Trend Micro", "description": "An issue existed which did not reset the authorization settings on app uninstall. This issue was addressed through improved sanitization.", "id": "CVE-2016-7651", "impact": "Uninstalling an app did not reset the authorization settings", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Keen Lab working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7657", "impact": "An application may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Haohao Kong of Keen Lab (@keen_lab) of Tencent", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7658", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Haohao Kong of Keen Lab (@keen_lab) of Tencent", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2016-7659", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Ian Beer of Google Project Zero", "description": "An issue in mach port name references was addressed through improved validation.", "id": "CVE-2016-7660", "impact": "A local user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "syslog", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Apple", "description": "A certificate evaluation issue existed in certificate validation. This issue was addressed through additional validation of certificates.", "id": "CVE-2016-7662", "impact": "Certificates may be unexpectedly evaluated as trusted", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "an anonymous researcher", "description": "A memory corruption issue existed in the processing of strings. This issue was addressed through improved bounds checking.", "id": "CVE-2016-7663", "impact": "Processing maliciously crafted strings may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models" ], "credit": "Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative", "description": "A shared memory issue was addressed through improved memory handling.", "id": "CVE-2016-7714", "impact": "A local user may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207487" ], "module": "IOKit", "rsr": "", "update": "January 25, 2017" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7922", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7923", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7924", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7925", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7926", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7927", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7928", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7929", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7930", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7931", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7932", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7933", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7934", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7935", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7936", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7937", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7938", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7939", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7940", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7973", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7974", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7975", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7983", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7984", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7985", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7986", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7992", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-7993", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-8574", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2016-8575", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 5.6.28.", "id": "CVE-2016-8670", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.2" ], "credit": "Agostino Sarubbo of Gentoo", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2016-8687", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207483", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207487" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.3", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2016-8740", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.3", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2016-8743", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Matthew Van Gundy of Cisco", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2016-9042", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.2.1", "id": "CVE-2016-9063", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9533", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9535", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9536", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9537", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9538", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9539", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7.", "id": "CVE-2016-9540", "impact": "Processing a maliciously crafted image may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tiffutil", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3", "macOS Sierra 10.12.5" ], "credit": "", "description": "Multiple issues were addressed by updating to version 7.54.0.", "id": "CVE-2016-9586", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207922" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "", "description": "Multiple issues were addressed by updating to version 7.54.0.", "id": "CVE-2016-9594", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Gustavo Grieco", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2016-9642", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Gustavo Grieco", "description": "An uncontrolled resource consumption issue was addressed through improved regex processing.", "id": "CVE-2016-9643", "impact": "Processing maliciously crafted web content may lead to high memory consumption", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.11.", "id": "CVE-2016-9840", "impact": "Multiple issues in zlib", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.11.", "id": "CVE-2016-9841", "impact": "Multiple issues in zlib", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.11.", "id": "CVE-2016-9842", "impact": "Multiple issues in zlib", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.11.", "id": "CVE-2016-9843", "impact": "Multiple issues in zlib", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 5.6.28.", "id": "CVE-2016-9933", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 5.6.28.", "id": "CVE-2016-9934", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30.", "id": "CVE-2016-9935", "impact": "Multiple issues existed in PHP before 5.6.30", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro", "description": "An out-of-bounds read was addressed by updating to Opus version 1.1.4.", "id": "CVE-2017-0381", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Even Rouault, found by OSS-Fuzz", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2017-1000100", "impact": "Uploading using TFTP to a maliciously crafted URL with libcurl may disclose application memory", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Brian Carpenter, Yongji Ouyang", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2017-1000101", "impact": "Processing a maliciously crafted URL with libcurl may cause unexpected application termination or read process memory", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "", "description": "An ssh:// URL scheme handling issue was addressed through improved input validation.", "id": "CVE-2017-1000117", "impact": "Checking out a maliciously crafted repository may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "Max Dymond", "description": "An out-of-bounds read issue existed in the FTP PWD response parsing. This issue was addressed with improved bounds checking.", "id": "CVE-2017-1000254", "impact": "Malicious FTP servers may be able to cause the client to read out-of-bounds memory", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "A memory consumption issue was addressed through improved memory handling.", "id": "CVE-2017-1000373", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "an anonymous researcher", "description": "Multiple issues were addressed by updating to version 3.2.2.", "id": "CVE-2017-10140", "impact": "Multiple issues in Postfix", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Postfix", "rsr": "", "update": "November 17, 2017" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "", "description": "Multiple issues existed in FreeRADIUS before 2.2.10. These were addressed by updating FreeRADIUS to version 2.2.10.", "id": "CVE-2017-10978", "impact": "Multiple issues in FreeRADIUS", "links": [ "https://support.apple.com/en-us/HT208102" ], "module": "FreeRadius", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "", "description": "Multiple issues existed in FreeRADIUS before 2.2.10. These were addressed by updating FreeRADIUS to version 2.2.10.", "id": "CVE-2017-10979", "impact": "Multiple issues in FreeRADIUS", "links": [ "https://support.apple.com/en-us/HT208102" ], "module": "FreeRadius", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 3.19.3.", "id": "CVE-2017-10989", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Jeffrey Altman, Viktor Duchovni, and Nico Williams", "description": "A validation issue existed in the handling of the KDC-REP service name. This issue was addressed with improved validation.", "id": "CVE-2017-11103", "impact": "An attacker in a privileged network position may be able to impersonate a service", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Heimdal", "rsr": "", "update": "January 22, 2019" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-11108", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-11120", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113" ], "module": "Wi-Fi", "rsr": "", "update": "September 25, 2017" }, { "available": [ "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-11121", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113" ], "module": "Wi-Fi", "rsr": "", "update": "September 25, 2017" }, { "available": [ "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-11122", "impact": "A attacker within range may be able to read restricted memory from the Wi-Fi chipset", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113" ], "module": "Wi-Fi", "rsr": "", "update": "October 9, 2017" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-11541", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-11542", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-11543", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6" ], "credit": "Jakub Wilk", "description": "Public CVE-2017-12837 was addressed by updating the function in Perl 5.18", "id": "CVE-2017-12837", "impact": "This bugs can allow remote attackers to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Perl", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12893", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12894", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12895", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12896", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12897", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12898", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12899", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12900", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12901", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12902", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12985", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12986", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12987", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12988", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12989", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12990", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12991", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12992", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12993", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12994", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12995", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12996", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12997", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12998", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-12999", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13000", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13001", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13002", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13003", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13004", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13005", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13006", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13007", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13008", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13009", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13010", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13011", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13012", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13013", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13014", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13015", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13016", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13017", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13018", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13019", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13020", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13021", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13022", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13023", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13024", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13025", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13026", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13027", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13028", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13029", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13030", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13031", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13032", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13033", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13034", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13035", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13036", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13037", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13038", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13039", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13040", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13041", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13042", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13043", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13044", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13045", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13046", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13047", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13048", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13049", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13050", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13051", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13052", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13053", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13054", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13055", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac", "All Apple Watch models", "Apple TV 4K", "iPhone 8, iPhone 8 Plus, and iPhone X", "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13077", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208258", "https://support.apple.com/en-us/HT208354" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac", "All Apple Watch models", "Apple TV 4K", "iPhone 8, iPhone 8 Plus, and iPhone X", "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13078", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208258", "https://support.apple.com/en-us/HT208354" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac", "Apple TV (4th generation)", "Apple TV 4K", "Apple Watch (1st Generation) and Apple Watch Series 3", "Apple Watch Series 1 and Apple Watch Series 2", "iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2, and iPod touch 6th generation", "iPhone 7 and later, and iPad Pro 9.7-inch (early 2016) and later", "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13080", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208258", "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208334", "https://support.apple.com/en-us/HT208354" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13687", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13688", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13689", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13690", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 4.9.2.", "id": "CVE-2017-13725", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Kevin Backhouse of Semmle Ltd.", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13782", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13783", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13784", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13785", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "Dmytro Oleksiuk", "description": "An issue existed in the handling of DMA. This issue was addressed by limiting the time the FileVault decryption buffers are DMA mapped to the duration of the I/O operation.", "id": "CVE-2017-13786", "impact": "A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem data", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "APFS", "rsr": "", "update": "November 10, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13788", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-13789", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208223" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13" ], "credit": "Zhiyang Zeng (@Wester) of Tencent Security Platform Department", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-13790", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208223" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13791", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13792", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Hanul Choi working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13793", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13794", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13795", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13796", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13797", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13798", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13, macOS Sierra 10.12.6" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13799", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222" ], "module": "Kernel", "rsr": "", "update": "November 10, 2017" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "Sergej Schumilo of Ruhr-University Bochum", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13800", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A validation issue existed which allowed local file access. This was addressed with input sanitization.", "id": "CVE-2017-13801", "impact": "Searching pasted text in the Dictionary widget may lead to compromise of user information", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "Dictionary Widget", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13802", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "chenqin (\u9648\u94a6) of Ant-financial Light-Year Security", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13803", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208222", "https://support.apple.com/en-us/HT208223", "https://support.apple.com/en-us/HT208224", "https://support.apple.com/en-us/HT208225" ], "module": "WebKit", "rsr": "", "update": "November 2, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "@qwertyoruiopz at KJC Research Intl. S.R.L.", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2017-13804", "impact": "A malicious zip file may be able modify restricted areas of the file system", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222" ], "module": "StreamingZip", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Ayden Panhuyzen (madebyayden.co)", "description": "An issue existed with Siri permissions. This was addressed with improved permission checking.", "id": "CVE-2017-13805", "impact": "A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen", "links": [ "https://support.apple.com/en-us/HT208222" ], "module": "Siri", "rsr": "", "update": "June 14, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rorie Hood of MWR InfoSecurity", "description": "Pairings were not removed when a profile disallowing pairings was installed. This was addressed by removing pairings conflicting with the configuration profile.", "id": "CVE-2017-13806", "impact": "Device pairing records could be inadvertently installed on a device when a profile that disallows pairing is installed", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Profiles", "rsr": "", "update": "November 2, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6" ], "credit": "Yangkang (@dnpushme) of Qihoo 360 Qex Team", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2017-13807", "impact": "Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Audio", "rsr": "", "update": "January 22, 2019" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13808", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Remote Management", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "bat0s", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13809", "impact": "Decompiling an AppleScript with osadecompile may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "AppleScript", "rsr": "", "update": "November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Zhiyun Qian of University of California, Riverside", "description": "A permissions issue existed in kernel packet counters. This issue was addressed with improved permission validation.", "id": "CVE-2017-13810", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "January 22, 2019" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "V.E.O. (@VYSEa) of Mobile Advanced Threat Team of Trend Micro", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13811", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "fsck_msdos", "rsr": "", "update": "November 2, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation.", "id": "CVE-2017-13812", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libarchive", "rsr": "", "update": "January 22, 2019" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation.", "id": "CVE-2017-13813", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libarchive", "rsr": "", "update": "November 16, 2018, updated January 22, 2019" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6" ], "credit": "Australian Cyber Security Centre \u2013 Australian Signals Directorate", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2017-13814", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "ImageIO", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.31.", "id": "CVE-2017-13815", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "file", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-13816", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "libarchive", "rsr": "", "update": "October 31, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Maxime Villard (m00nbsd)", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2017-13817", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13818", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Filippo Cavallarin of SecuriTeam Secure Disclosure", "description": "A cross-site scripting issue existed in HelpViewer. This issue was addressed by removing the affected file.", "id": "CVE-2017-13819", "impact": "A quarantined HTML file may execute arbitrary JavaScript cross-origin", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "HelpViewer", "rsr": "", "update": "November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "John Villamil, Doyensec", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2017-13820", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Australian Cyber Security Centre \u2013 Australian Signals Directorate", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13821", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "CFString", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Australian Cyber Security Centre \u2013 Australian Signals Directorate", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13822", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Xiangkun Jia of Institute of Software Chinese Academy of Sciences", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13823", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "QuickTime", "rsr": "", "update": "November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13824", "impact": "Decompiling an AppleScript with osadecompile may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Open Scripting Architecture", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Australian Cyber Security Centre \u2013 Australian Signals Directorate", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2017-13825", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "CoreText", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "an anonymous researcher", "description": "Multiple issues were addressed by updating to version 3.2.2.", "id": "CVE-2017-13826", "impact": "Multiple issues in Postfix", "links": [ "https://support.apple.com/en-us/HT208102" ], "module": "Postfix", "rsr": "", "update": "October 31, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "an anonymous researcher", "description": "A logic error in kext loading was addressed with improved state handling.", "id": "CVE-2017-13827", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "kext tools", "rsr": "", "update": "October 31, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Leonard Grey and Robert Sesek of Google Chrome", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-13828", "impact": "Rendering untrusted text may lead to spoofing", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Fonts", "rsr": "", "update": "November 10, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13829", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "CFNetwork", "rsr": "", "update": "November 10, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Sergej Schumilo of Ruhr-University Bochum", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13830", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "HFS", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Glen Carmichael", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2017-13831", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "ImageIO", "rsr": "", "update": "April 3, 2019" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Doug Wussler of Florida State University", "description": "A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.", "id": "CVE-2017-13832", "impact": "An attacker may be able to exploit weaknesses in TLS 1.0", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "802.1X", "rsr": "", "update": "October 31, 2017, updated November 10, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Niklas Baumstark and Samuel Gro working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13833", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "CFNetwork", "rsr": "", "update": "November 10, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6" ], "credit": "Maxime Villard (m00nbsd)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2017-13834", "impact": "Processing a malformed mach binary may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "January 22, 2019" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13835", "impact": "An application may be able to execute arbitrary code with elevated privileges", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "fsck_msdos", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Vlad Tsyrklevich", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13836", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Patrick Wardle of Synack", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2017-13837", "impact": "A malicious application may be able to access the FileVault unlock key", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Installer", "rsr": "", "update": "October 31, 2017, updated November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Alastair Houghton", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13838", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Sandbox", "rsr": "", "update": "November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Ken Harris of the Free Robot Collective", "description": "An access issue existed in Spotlight. This issue was addressed through improved access restrictions.", "id": "CVE-2017-13839", "impact": "Spotlight may display results for files not belonging to the user", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Spotlight", "rsr": "", "update": "October 31, 2017, updated November 10, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Vlad Tsyrklevich", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13840", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Vlad Tsyrklevich", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13841", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Vlad Tsyrklevich", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13842", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "June 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "an anonymous researcher, an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13843", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Miguel Alvarado of iDeviceHelp INC", "description": "A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.", "id": "CVE-2017-13844", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/HT208222" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 8.40.", "id": "CVE-2017-13846", "impact": "Multiple issues in pcre", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "PCRE", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ian Beer of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved state management.", "id": "CVE-2017-13847", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Alex Plaskett of MWR InfoSecurity", "description": "An input validation issue existed in the kernel. This issue was addressed through improved input validation.", "id": "CVE-2017-13848", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ro of SavSec", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2017-13849", "impact": "Processing a maliciously crafted text file may lead to an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208222" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "John Villamil, Doyensec", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-13850", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Font Importer", "rsr": "", "update": "October 31, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Henrique Correa de Amorim", "description": "A file access issue existed with certain home folder files. This was addressed with improved access restrictions.", "id": "CVE-2017-13851", "impact": "A local attacker may be able to observe unprotected user data", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "DesktopServices", "rsr": "", "update": "November 2, 2017, updated February 14, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13" ], "credit": "Xiaokuan Zhang and Yinqian Zhang of The Ohio State University, Xueqiang Wang and XiaoFeng Wang of Indiana University Bloomington, and Xiaolong Bai of Tsinghua University", "description": "An application was able to access process information maintained by the operating system unrestricted. This issue was addressed through rate limiting.", "id": "CVE-2017-13852", "impact": "A malicious application may be able to learn information about the presence and operation of other applications on the device.", "links": [ "https://support.apple.com/en-us/HT208219", "https://support.apple.com/en-us/HT208220", "https://support.apple.com/en-us/HT208221", "https://support.apple.com/en-us/HT208222" ], "module": "Kernel", "rsr": "", "update": "November 10, 2017" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "shrek_wzw from Qihoo 360 NirvanTeam", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13853", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "AppleGraphicsControl", "rsr": "", "update": "November 2, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13854", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "Kernel", "rsr": "", "update": "November 2, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jann Horn of Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2017-13855", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jeonghoon Shin", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13856", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "an anonymous researcher", "description": "An input validation issue existed in the kernel. This issue was addressed through improved input validation.", "id": "CVE-2017-13858", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Michael Weishaar of INNEO Solutions GmbH", "description": "An encryption issue existed with S/MIME credentials. The issue was addressed with additional checks and user control.", "id": "CVE-2017-13860", "impact": "An attacker with a privileged network position may be able to intercept mail", "links": [ "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Mail Drafts", "rsr": "", "update": "January 10, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13861", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208334" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13862", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "December 21, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "FURIOUSMAC Team of United States Naval Academy", "description": "A privacy issue existed in the use of client certificates. This issue was addressed through a revised protocol.", "id": "CVE-2017-13863", "impact": "An attacker in a privileged network position could track a user", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "APNs", "rsr": "", "update": "December 21, 2017" }, { "available": [ "Windows 7 and later" ], "credit": "FURIOUSMAC Team of United States Naval Academy", "description": "A privacy issue existed in the use of client certificates. This issue was addressed through a revised protocol.", "id": "CVE-2017-13864", "impact": "An attacker in a privileged network position could track a user", "links": [ "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208328" ], "module": "APNs Server", "rsr": "", "update": "December 21, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13865", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13866", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13867", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "December 21, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13868", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jann Horn of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-13869", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13870", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Lukas Pitschl of GPGTools", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-13871", "impact": "A S/MIME encrypted email may be inadvertently sent unencrypted if the receiver's S/MIME certificate is not installed", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Mail", "rsr": "", "update": "December 21, 2017" }, { "available": [ "macOS High Sierra 10.13 and macOS High Sierra 10.13.1", "macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "", "description": "A logic error existed in the validation of credentials. This was addressed with improved credential validation.", "id": "CVE-2017-13872", "impact": "An attacker may be able to bypass administrator authentication without supplying the administrator\u2019s password", "links": [ "https://support.apple.com/en-us/HT208315", "https://support.apple.com/en-us/HT208331" ], "module": "Directory Utility", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Xiaokuan Zhang and Yinqian Zhang of The Ohio State University, Xueqiang Wang and XiaoFeng Wang of Indiana University Bloomington, and Xiaolong Bai of Tsinghua University", "description": "An application was able to access network activity information maintained by the operating system unrestricted. This issue was addressed by reducing the information available to third party applications.", "id": "CVE-2017-13873", "impact": "A malicious application may be able to learn information about the presence and operation of other applications on the device.", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "Kernel", "rsr": "", "update": "November 30, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Nicolas Devillard", "description": "A S/MIME issue existed in the handling of encrypted email. This issue was addressed through improved selection of the encryption certificate.", "id": "CVE-2017-13874", "impact": "Incorrect certificate is used for encryption", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "Mail", "rsr": "", "update": "April 9, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2017-13875", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13876", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Xiaokuan Zhang and Yinqian Zhang of The Ohio State University, Xueqiang Wang and XiaoFeng Wang of Indiana University Bloomington, and Xiaolong Bai of Tsinghua University", "description": "An application was able to determine the existence of files outside of its sandbox. This issue was addressed through additional sandbox checks.", "id": "CVE-2017-13877", "impact": "A malicious application may be able to learn information about the presence of other applications on the device.", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Sandbox Profiles", "rsr": "", "update": "November 30, 2017" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.", "id": "CVE-2017-13878", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13879", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "October 24, 2018" }, { "available": [ "All Apple Watch models", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13880", "impact": "An application may be able to execute arbitrary code with kernel privilege", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13883", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Intel Graphics Driver", "rsr": "", "update": "December 21, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "360 Security working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13884", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 22, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "360 Security working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-13885", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 22, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "David Kreitschmann and Matthias Schulz of Secure Mobile Networking Lab at TU Darmstadt", "description": "An access issue existed with privileged Wi-Fi system configuration. This issue was addressed with additional restrictions.", "id": "CVE-2017-13886", "impact": "An unprivileged user may change Wi-Fi system parameters leading to denial of service", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Wi-Fi", "rsr": "", "update": "May 2, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "David Ryskalczyk", "description": "A logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.", "id": "CVE-2017-13887", "impact": "APFS encryption keys may not be securely deleted after hibernating", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "APFS", "rsr": "", "update": "June 21, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Dan Niemeyer of Microsoft, Peter Pau (ArcanaArt.com)", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2017-13888", "impact": "A user may not have control over their screen broadcast", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "ReplayKit", "rsr": "", "update": "June 21, 2018, updated September 8, 2020" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Apple, Theodor Ragnar Gislason of Syndis", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2017-13890", "impact": "Processing a maliciously crafted webpage may result in the mounting of a disk image", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "CoreTypes", "rsr": "", "update": "March 29, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Janne Raiskila (@raiskila)", "description": "An inconsistent user interface issue was addressed through improved state management.", "id": "CVE-2017-13891", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "SafariViewController", "rsr": "", "update": "June 21, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Ryan Manly of Glenbrook High School District 225", "description": "An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information.", "id": "CVE-2017-13892", "impact": "Sharing contact information may lead to unexpected data sharing", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Contacts", "rsr": "", "update": "October 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Tian Zhang", "description": "A message handling issue was addressed with improved input validation.", "id": "CVE-2017-13903", "impact": "A remote attacker may be able to unexpectedly alter application state", "links": [ "https://support.apple.com/en-us/HT208357", "https://support.apple.com/en-us/HT208359" ], "module": "HomeKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Kevin Backhouse of Semmle Ltd.", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13904", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "February 14, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2017-13905", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Auto Unlock", "rsr": "", "update": "October 18, 2018" }, { "available": [ "OS X Mountain Lion 10.8 and later", "macOS Sierra 10.12.6" ], "credit": "", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-13906", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "an anonymous researcher", "description": "A state management issue was addressed with improved state validation.", "id": "CVE-2017-13907", "impact": "The screen lock may unexpectedly remain unlocked", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "Login Window", "rsr": "", "update": "October 18, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "OS X Mountain Lion 10.8 and later" ], "credit": "an anonymous researcher", "description": "An issue in handling file permissions was addressed with improved validation.", "id": "CVE-2017-13908", "impact": "A local attacker may be able to execute non-executable text files via an SMB share", "links": [ "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "SMB", "rsr": "", "update": "October 18, 2018" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Andreas Nilsson", "description": "An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain.", "id": "CVE-2017-13909", "impact": "A local attacker may gain access to iCloud authentication tokens", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Apple Account Settings", "rsr": "", "update": "October 18, 2018" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "", "description": "An access issue was addressed with additional sandbox restrictions on applications.", "id": "CVE-2017-13910", "impact": "An application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Spotlight", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Timothy Perfitt of Twocanoes Software", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2017-13911", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "SIP", "rsr": "", "update": "August 8, 2018, updated September 25, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "Windows 7 and later" ], "credit": "Yuan Deng of Ant-financial Light-Year Security Lab", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2017-15422", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208331" ], "module": "ICU", "rsr": "", "update": "March 14, 2018" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Gareth Heyes of Portswigger Web Security", "description": "A prototype access issue was addressed through improved exception handling.", "id": "CVE-2017-2350", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Hemanth Joseph, Sriram (@Sri_Hxor) of Primefort Pvt. Ltd., Mohamd Imran", "description": "An issue existed with handling user input that caused a device to present the home screen even when activation locked. This was addressed through improved input validation.", "id": "CVE-2017-2351", "impact": "An activation-locked device can be manipulated to briefly present the home screen", "links": [ "https://support.apple.com/en-us/HT207482" ], "module": "Wi-Fi", "rsr": "", "update": "February 21, 2017" }, { "available": [ "All Apple Watch models", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ashley Fernandez of raptAware Pty Ltd", "description": "A logic issue was addressed through improved state management.", "id": "CVE-2017-2352", "impact": "Apple Watch may unlock when off the user\u2019s wrist", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207487" ], "module": "Unlock with iPhone", "rsr": "", "update": "January 25, 2017" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2353", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Neymar of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2354", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207481", "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207486" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Team Pangu and lokihardt at PwnFest 2016", "description": "A memory initialization issue was addressed through improved memory handling.", "id": "CVE-2017-2355", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207481", "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207486" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Team Pangu and lokihardt at PwnFest 2016", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2356", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207481", "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207486" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "Team Pangu and lokihardt at PwnFest 2016", "description": "An uninitialized memory issue was addressed through improved memory management.", "id": "CVE-2017-2357", "impact": "An application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "IOAudioFamily", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "Team Pangu and lokihardt at PwnFest 2016", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2358", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A state management issue in the address bar was addressed through improved URL handling.", "id": "CVE-2017-2359", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207484" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2360", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207483", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.2" ], "credit": "lokihardt of Google Project Zero", "description": "A cross-site scripting issue was addressed through improved URL validation.", "id": "CVE-2017-2361", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207483" ], "module": "Help Viewer", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2362", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple validation issues existed in the handling of page loading. This issue was addressed through improved logic.", "id": "CVE-2017-2363", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207487" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple validation issues existed in the handling of page loading. This issue was addressed through improved logic.", "id": "CVE-2017-2364", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A validation issue existed in variable handling. This issue was addressed through improved validation.", "id": "CVE-2017-2365", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tencent.com)", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2366", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207481", "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207486" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A validation issue existed in the handling of page loading. This issue was addressed through improved logic.", "id": "CVE-2017-2367", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Vincent Desmurs (vincedes3)", "description": "An input validation issue existed in the parsing of contact cards. This issue was addressed through improved input validation.", "id": "CVE-2017-2368", "impact": "Processing a maliciously crafted contact card may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207482" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2369", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-2370", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207483", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207487" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "An issue existed in the handling of blocking popups. This was addressed through improved input validation.", "id": "CVE-2017-2371", "impact": "A malicious website can open popups", "links": [ "https://support.apple.com/en-us/HT207482" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later (64 bit)", "OS X Yosemite v10.10 and later" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2372", "impact": "Opening a maliciously crafted GarageBand project file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207476", "https://support.apple.com/en-us/HT207477" ], "module": "Projects", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2373", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207484", "https://support.apple.com/en-us/HT207485" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan v10.11 and later (64 bit)", "OS X Yosemite v10.10 and later" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2374", "impact": "Opening a maliciously crafted GarageBand project file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207518", "https://support.apple.com/en-us/HT207519" ], "module": "Projects", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Elcomsoft", "description": "An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic.", "id": "CVE-2017-2375", "impact": "Updates for CallKit call history are sent to iCloud", "links": [ "https://support.apple.com/en-us/HT207482" ], "module": "Call History", "rsr": "", "update": "February 21, 2017" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher, Michal Zalewski of Google Inc, Muneaki Nishimura (nishimunea) of Recruit Technologies Co., Ltd., Chris Hlady of Google Inc, an anonymous researcher, Yuyang Zhou of Tencent Security Platform Department (security.tencent.com)", "description": "A state management issue was addressed by disabling text input until the destination page loads.", "id": "CVE-2017-2376", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Vicki Pfau", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2377", "impact": "Closing a window while paused in the debugger may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A validation issue existed in bookmark creation. This issue was addressed through improved input validation.", "id": "CVE-2017-2378", "impact": "Dragging and dropping a maliciously crafted link may lead to bookmark spoofing or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "John Villamil, Doyensec, riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.", "id": "CVE-2017-2379", "impact": "Processing a maliciously crafted .dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Carbon", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "Support for the 3DES cryptographic algorithm was added to the SCEP client and DES was deprecated.", "id": "CVE-2017-2380", "impact": "An attacker may be able to exploit weaknesses in the DES cryptographic algorithm", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "An access issue existed in sudo. This issue was addressed through improved permissions checking.", "id": "CVE-2017-2381", "impact": "A user in an group named \"admin\" on a network directory server may be able to unexpectedly escalate privileges using sudo", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "macOS 10.12.4 and later" ], "credit": "Maris Kocins of SEMTEXX LTD", "description": "An access issue was addressed through improved permissions checking.", "id": "CVE-2017-2382", "impact": "A remote attacker may be able to enumerate users", "links": [ "https://support.apple.com/en-us/HT207604" ], "module": "Wiki Server", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.2" ], "credit": "Matthias Wachs and Quirin Scheitle of Technical University Munich (TUM)", "description": "A client certificate was sent in plaintext. This issue was addressed through improved certificate handling.", "id": "CVE-2017-2383", "impact": "An attacker in a privileged network position can track a user's activity", "links": [ "https://support.apple.com/en-us/HT207482", "https://support.apple.com/en-us/HT207483", "https://support.apple.com/en-us/HT207485", "https://support.apple.com/en-us/HT207487", "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207607" ], "module": "APNs Server", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "", "description": "An issue existed in SQLite deletion. This issue was addressed through improved SQLite cleanup.", "id": "CVE-2017-2384", "impact": "A local user may be able to discover websites a user has visited in Private Browsing", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4" ], "credit": "Simon Woodside of MedStack", "description": "A keychain handling issue was addressed through improved keychain item management.", "id": "CVE-2017-2385", "impact": "A local user may be able to access locked keychain items", "links": [ "https://support.apple.com/en-us/HT207600" ], "module": "Safari Login AutoFill", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Andr\u00e9 Bargull", "description": "A prototype access issue was addressed through improved exception handling.", "id": "CVE-2017-2386", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Android version 4.3 and later" ], "credit": "David Coomber of Info-Sec.CA", "description": "A certificate validation issue existed in Apple Music for Android. This issue was addressed through improved certificate validation.", "id": "CVE-2017-2387", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT207605" ], "module": "Apple Music", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Brandon Azad, an anonymous researcher", "description": "A null pointer dereference was addressed through improved input validation.", "id": "CVE-2017-2388", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "ShenYeYinJiu of Tencent Security Response Center, TSRC", "description": "A spoofing and denial-of-service issue existed in the handling of HTTP authentication. This issue was addressed through making HTTP authentication sheets non-modal.", "id": "CVE-2017-2389", "impact": "Processing maliciously crafted web content may present authentication sheets over arbitrary web sites", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Omer Medan of enSilo Ltd", "description": "A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks.", "id": "CVE-2017-2390", "impact": "A local attacker may be able to change file system permissions on arbitrary directories", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "macOS 10.12 or later, iOS 10.0 or later" ], "credit": "Philipp Eckel of ThoughtWorks", "description": "iWork used weak 40-bit RC4 encryption for password-protected PDF exports. This issue was addressed by changing iWork export to use AES-128.", "id": "CVE-2017-2391", "impact": "The contents of password-protected PDFs exported from iWork may be exposed", "links": [ "https://support.apple.com/en-us/HT207595" ], "module": "Export", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4" ], "credit": "Max Bazaliy of Lookout", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2392", "impact": "An application may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207600" ], "module": "WebKit", "rsr": "", "update": "March 30, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Erling Ellingsen", "description": "Multiple validation issues were addressed through improved input sanitization.", "id": "CVE-2017-2393", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2394", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2395", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2396", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Suprovici Vadim of UniApps team, an anonymous researcher", "description": "A prompt management issue was addressed by removing iCloud authentication prompts from the lock screen.", "id": "CVE-2017-2397", "impact": "A user may be able to view an Apple ID from the lock screen", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2398", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "", "description": "The pasteboard was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the pasteboard with a key protected by the hardware UID and the user's passcode.", "id": "CVE-2017-2399", "impact": "A person with physical access to an iOS device may read the pasteboard", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Pasteboard", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Abhinav Bansal of Zscaler, Inc.", "description": "An issue existed in clearing Safari cache information from SafariViewController. This issue was addressed by improving cache state handling.", "id": "CVE-2017-2400", "impact": "Cache state is not properly kept in sync between Safari and SafariViewController when a user clears Safari cache", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "SafariViewController", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Lufeng Li of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2401", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher", "description": "An issue existed in profile uninstallation. This issue was addressed through improved cleanup.", "id": "CVE-2017-2402", "impact": "Removing a configuration profile with multiple payloads may not remove Active Directory certificate trust", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "MCX Client", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "beist of GrayHash", "description": "An uncontrolled format string issue was addressed through improved input validation.", "id": "CVE-2017-2403", "impact": "Clicking a malicious IPP(S) link may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Tuan Anh Ngo (Melbourne, Australia), Christoph Nehring", "description": "An issue existed when checking the tel URL before initiating calls. This issue was addressed with the addition of a confirmation prompt.", "id": "CVE-2017-2404", "impact": "Tapping a tel link in a PDF document could trigger a call without prompting the user", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2405", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2406", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2407", "impact": "Parsing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Yangkang (@dnpushme) of Qihoo360 Qex Team", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2408", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "IOATAFamily", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Sergey Bylokhov", "description": "An out-of-bounds read was addressed through improved input validation.", "id": "CVE-2017-2409", "impact": "An application may be able to disclose process memory", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Menus", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Apple", "description": "An input validation issue existed in the kernel. This issue was addressed through improved input validation.", "id": "CVE-2017-2410", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Richard Shupak (linkedin.com/in/rshupak), Seth Vargo (@sethvargo) of Google, and an anonymous researcher", "description": "Exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.", "id": "CVE-2017-2411", "impact": "An attacker with a privileged network position may be able to alter currency conversion rates", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "Calculator", "rsr": "", "update": "May 2, 2018, updated June 14, 2018" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Richard Shupak (linkedin.com/in/rshupak)", "description": "Requests to iTunes sandbox web services were sent in cleartext. This was addressed by enabling HTTPS.", "id": "CVE-2017-2412", "impact": "An attacker in a privileged network position may be able to tamper with iTunes network traffic", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Simon Huang(@HuangShaomang) and pjf of IceSword Lab of Qihoo 360", "description": "A memory corruption issue existed in QuickTime. This issue was addressed through improved memory handling.", "id": "CVE-2017-2413", "impact": "Viewing a maliciously crafted media file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "QuickTime", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ilya Nesterov and Maxim Goncharov", "description": "An input validation issue existed in the handling of Exchange email addresses. This issue was addressed through improved input validation.", "id": "CVE-2017-2414", "impact": "Configuring an Exchange account with a mistyped email address may resolve to an unexpected server", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "DataAccess", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang of Tencent's Xuanwu Lab (tentcent.com)", "description": "A type confusion issue was addressed through improved memory handling.", "id": "CVE-2017-2415", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Qidan He (\u4f55\u6dc7\u4e39, @flanker_hqd) of KeenLab, Tencent", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2416", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "An infinite recursion was addressed through improved state management.", "id": "CVE-2017-2417", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Alex Fishman and Izik Eidus of Veertu Inc.", "description": "An information leakage issue was addressed through improved state management.", "id": "CVE-2017-2418", "impact": "Applications using the Hypervisor framework may unexpectedly leak the CR8 control register between guest and host", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Nicolai Gr\u00f8dum of Cisco Systems", "description": "An access issue existed in Content Security Policy. This issue was addressed through improved access restrictions.", "id": "CVE-2017-2419", "impact": "Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Pekka Oikarainen, Matias Karhumaa and Marko Laakso of Synopsys Software Integrity Group", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2420", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "@cocoahuke", "description": "A race condition was addressed through improved memory handling.", "id": "CVE-2017-2421", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "@cocoahuke", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2422", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher", "description": "An validation issue existed with cryptographic API calls. This issue was addressed through improved parameter validation.", "id": "CVE-2017-2423", "impact": "Validating empty signatures with SecKeyRawVerify() may unexpectedly succeed", "links": [ "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Paul Thomson (using the GLFuzz tool) of the Multicore Programming Group, Imperial College London", "description": "An information disclosure issue existed in the processing of OpenGL shaders. This issue was addressed through improved memory management.", "id": "CVE-2017-2424", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "kimyok of Tencent Security Platform Department", "description": "A double free issue was addressed through improved memory management.", "id": "CVE-2017-2425", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "SecurityFoundation", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Craig Arendt of Stratum Security, Jun Kokatsu (@shhnjk)", "description": "An information leak existed in the handling of file URLs. This issue was addressed through improved URL handling.", "id": "CVE-2017-2426", "impact": "Parsing a maliciously crafted iBooks file may lead to local file disclosure", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Axis and sss of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2427", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in nghttp2 before 1.17.0. These were addressed by updating nghttp2 to version 1.17.0.", "id": "CVE-2017-2428", "impact": "A malicious HTTP/2 server may be able to cause undefined behavior", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "HTTPProtocol", "rsr": "", "update": "March 28, 2017" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Raymond Wong DO of Arnot Ogden Medical Center", "description": "A permission issue existed in the handling of the Send Link feature of iCloud Sharing. This issue was addressed through improved permission controls.", "id": "CVE-2017-2429", "impact": "Permissions may unexpectedly reset when sending links", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "FinderKit", "rsr": "", "update": "August 23, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2430", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "kimyok of Tencent Security Platform Department", "description": "A memory corruption issue existed in the handling of .mov files. This issue was addressed through improved memory management.", "id": "CVE-2017-2431", "impact": "Processing a maliciously crafted .mov file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2432", "impact": "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2433", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Suyash Narain of India", "description": "A state issue existed in the handling of Home Control. This issue was addressed through improved validation.", "id": "CVE-2017-2434", "impact": "Home Control may unexpectedly appear on Control Center", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "HomeKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "John Villamil, Doyensec", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2435", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Orr A, IBM Security", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2436", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "IOFireWireAVC", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Benjamin Gnahm (@mitp0sh) of Blue Frost Security", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2437", "impact": "A local attacker may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "IOFireWireAVC", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "sss and Axis of 360Nirvanteam", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2438", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "AppleRAID", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "John Villamil, Doyensec", "description": "An out-of-bounds read was addressed through improved input validation.", "id": "CVE-2017-2439", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2017-2440", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2441", "impact": "Demangling a malicious C++ application may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "libc++abi", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple validation issues existed in the handling of page loading. This issue was addressed through improved logic.", "id": "CVE-2017-2442", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit JavaScript Bindings", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2443", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Mei Wang of 360 GearTeam", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2444", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207617" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in the handling of frame objects. This issue was addressed with improved state management.", "id": "CVE-2017-2445", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "natashenka of Google Project Zero", "description": "A logic issue existed in the handling of strict mode functions. This issue was addressed with improved state management.", "id": "CVE-2017-2446", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "natashenka of Google Project Zero", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2447", "impact": "Visiting a maliciously crafted website may compromise user information", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Alex Radocea of Longterm Security, Inc.", "description": "In certain circumstances, iCloud Keychain failed to validate the authenticity of OTR packets. This issue was addressed through improved validation.", "id": "CVE-2017-2448", "impact": "An attacker who is able to intercept TLS connections may be able to read secrets protected by iCloud Keychain.", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Keychain", "rsr": "", "update": "March 30, 2017" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "sss and Axis from 360NirvanTeam", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2449", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "John Villamil, Doyensec", "description": "An out-of-bounds read was addressed through improved input validation.", "id": "CVE-2017-2450", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Alex Radocea of Longterm Security, Inc.", "description": "A buffer overflow was addressed through improved bounds checking.", "id": "CVE-2017-2451", "impact": "An application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Hunter Byrnes", "description": "An insufficient locking issue was addressed with improved state management.", "id": "CVE-2017-2452", "impact": "Siri might reveal text message contents while the device is locked", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A spoofing issue existed in the handling of FaceTime prompts. This issue was addressed through improved input validation.", "id": "CVE-2017-2453", "impact": "Visiting a malicious website by clicking a link may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero, Zheng Huang of the Baidu Security Lab working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2454", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2455", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "lokihardt of Google Project Zero", "description": "A race condition was addressed through improved memory handling.", "id": "CVE-2017-2456", "impact": "A malicious application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2457", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Shashank (@cyberboyIndia)", "description": "A buffer overflow was addressed through improved bounds checking.", "id": "CVE-2017-2458", "impact": "An application may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2459", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2460", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher, Isaac Archambault of IDAoADI", "description": "A resource exhaustion issue was addressed through improved input validation.", "id": "CVE-2017-2461", "impact": "Processing a maliciously crafted text message may lead to application denial of service", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "an anonymous researcher working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2462", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2463", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207607", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "natashenka of Google Project Zero, Jeonghoon Shin", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2464", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Zheng Huang and Wei Yuan of Baidu Security Lab", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2465", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2466", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2467", "impact": "Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2468", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2469", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2470", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2471", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2472", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-2473", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "An off-by-one issue was addressed through improved bounds checking.", "id": "CVE-2017-2474", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in frame handling. This issue was addressed through improved state management.", "id": "CVE-2017-2475", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2476", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "OS X El Capitan v10.11.6" ], "credit": "", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2477", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "libxslt", "rsr": "", "update": "March 30, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed through improved locking.", "id": "CVE-2017-2478", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A validation issue existed in element handling. This issue was addressed through improved validation.", "id": "CVE-2017-2479", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207607", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "April 24, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A validation issue existed in element handling. This issue was addressed through improved validation.", "id": "CVE-2017-2480", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207607", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "April 24, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "0011 working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-2481", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-2482", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-2483", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "", "description": "An issue existed in iOS allowing for calls without prompting. This issue was addressed by prompting a user to confirm call initiation.", "id": "CVE-2017-2484", "impact": "A third party app can initiate a phone call without user interaction", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A memory corruption issue existed in the parsing of certificates. This issue was addressed through improved input validation.", "id": "CVE-2017-2485", "impact": "Processing a maliciously crafted x509 certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "redrain of light4freedom", "description": "An inconsistent user interface issue was addressed through improved state management.", "id": "CVE-2017-2486", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed through improved input validation.", "id": "CVE-2017-2487", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite v10.10.5 and later" ], "credit": "", "description": "A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol.", "id": "CVE-2017-2488", "impact": "An attacker may be able to capture cleartext passwords", "links": [ "https://support.apple.com/en-us/HT207622" ], "module": "Authentication", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue was addressed through improved input sanitization.", "id": "CVE-2017-2489", "impact": "An application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Intel Graphics Driver", "rsr": "", "update": "March 31, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3" ], "credit": "Ian Beer of Google Project Zero, The UK's National Cyber Security Centre (NCSC)", "description": "A memory corruption issue was addressed through improved memory handling.", "id": "CVE-2017-2490", "impact": "An application may be able to execute arbitrary code with elevated privileges", "links": [ "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "Kernel", "rsr": "", "update": "March 31, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Apple", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2491", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "JavaScriptCore", "rsr": "", "update": "May 2, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A prototype issue was addressed through improved logic.", "id": "CVE-2017-2492", "impact": "Processing a maliciously crafted web page may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207617" ], "module": "JavaScriptCore", "rsr": "", "update": "April 24, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "lokihardt of Google Project Zero", "description": "A validation issue existed in element handling. This issue was addressed through improved validation.", "id": "CVE-2017-2493", "impact": "Processing maliciously crafted web content may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207600", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207607", "https://support.apple.com/en-us/HT207617" ], "module": "WebKit", "rsr": "", "update": "April 24, 2017" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2494", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Tubasa Iinuma (@llamakko_cafe) of Gehirn Inc.", "description": "An issue in Safari's history menu was addressed through improved memory handling.", "id": "CVE-2017-2495", "impact": "Visiting a maliciously crafted webpage may lead to an application denial of service", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2496", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "A URL handling issue was addressed through improved state management.", "id": "CVE-2017-2497", "impact": "A maliciously crafted book may open arbitrary websites without user permission", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Andrew Jerman", "description": "A certificate validation issue existed in the handling of untrusted certificates. This issue was addressed through improved user handling of trust acceptance.", "id": "CVE-2017-2498", "impact": "Update to the certificate trust policy", "links": [ "https://support.apple.com/en-us/HT207798" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "George Dan (@theninjaprawn)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2499", "impact": "An application may be able to execute unsigned code", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5" ], "credit": "Zhiyang Zeng and Yuyang Zhou of Tencent Security Platform Department", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-2500", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207804" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed through improved locking.", "id": "CVE-2017-2501", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Yangkang (@dnpushme) of Qihoo360 Qex Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-2502", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "sss and Axis of 360Nirvan team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2503", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in the handling of WebKit Editor commands. This issue was addressed with improved state management.", "id": "CVE-2017-2504", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2505", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Zheng Huang of the Baidu Security Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2506", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-2507", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in the handling of WebKit container nodes. This issue was addressed with improved state management.", "id": "CVE-2017-2508", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Jann Horn of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-2509", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in the handling of pageshow events. This issue was addressed with improved state management.", "id": "CVE-2017-2510", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5" ], "credit": "Zhiyang Zeng of Tencent Security Platform Department", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-2511", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207804" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Federico Bento of Faculty of Sciences, University of Porto", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2512", "impact": "An application may be able to escape its sandbox", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "found by OSS-Fuzz", "description": "A use after free issue was addressed through improved memory management.", "id": "CVE-2017-2513", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2514", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2515", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Jann Horn of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-2516", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-2517", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207923" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "found by OSS-Fuzz", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-2518", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2519", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "found by OSS-Fuzz", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-2520", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2521", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2522", "impact": "Parsing maliciously crafted data may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "CoreFoundation", "rsr": "", "update": "May 19, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2523", "impact": "Parsing maliciously crafted data may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "Foundation", "rsr": "", "update": "May 19, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2524", "impact": "Parsing maliciously crafted data may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "TextInput", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Kai Kang (4B5F5F4B) of Tencent\u2019s Xuanwu Lab (tencent.com) working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2525", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Kai Kang (4B5F5F4B) of Tencent\u2019s Xuanwu Lab (tencent.com) working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2526", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory consumption issue was addressed through improved memory handling.", "id": "CVE-2017-2527", "impact": "Processing maliciously crafted data may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in the handling of WebKit cached frames. This issue was addressed with improved state management.", "id": "CVE-2017-2528", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Wei Yuan of Baidu Security Lab, Zheng Huang of the Baidu Security Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2530", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207803", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2531", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4 and OS X El Capitan 10.11.6" ], "credit": "Samuel Gro\u00df and Niklas Baumstark working with Trend Micro's Zero Day Initiative", "description": "A race condition was addressed with additional filesystem restrictions.", "id": "CVE-2017-2533", "impact": "An application may be able to gain system privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Samuel Gro\u00df and Niklas Baumstark working with Trend Micro's Zero Day Initiative", "description": "An access issue was addressed through additional sandbox restrictions.", "id": "CVE-2017-2534", "impact": "An application may be able to escape its sandbox", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Speech Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Samuel Gro\u00df and Niklas Baumstark working with Trend Micro's Zero Day Initiative", "description": "A resource exhaustion issue was addressed through improved input validation.", "id": "CVE-2017-2535", "impact": "An application may be able to escape its sandbox", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df and Niklas Baumstark working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues with addressed through improved memory handling.", "id": "CVE-2017-2536", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2537", "impact": "An application may be able to gain system privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2538", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2539", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-2540", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2541", "impact": "An application may be able to gain system privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "360 Security (@mj0011sec) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2542", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "360 Security (@mj0011sec) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2543", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "360 Security (@mj0011sec) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2544", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "360 Security (@mj0011sec) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2545", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2546", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero, Team Sniper (Keen Lab and PC Mgr) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-2547", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Team Sniper (Keen Lab and PC Mgr) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-2548", "impact": "An application may be able to gain system privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A logic issue existed in frame loading. This issue was addressed with improved state management.", "id": "CVE-2017-2549", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "", "description": "Multiple issues were addressed by updating to version 7.54.0.", "id": "CVE-2017-2629", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-3167", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-3169", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "found by OSS-Fuzz", "description": "An out-of-bounds read issue existed in X.509 IPAddressFamily parsing. This issue was addressed with improved bounds checking.", "id": "CVE-2017-3735", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "OpenSSL", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later", "macOS Sierra 10.12.3, OS X El Capitan v10.11.6, and Yosemite v10.10.5" ], "credit": "Holger Fuhrmannek", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-5029", "impact": "Multiple vulnerabilities in libxslt", "links": [ "https://support.apple.com/en-us/HT207599", "https://support.apple.com/en-us/HT207601", "https://support.apple.com/en-us/HT207602", "https://support.apple.com/en-us/HT207607", "https://support.apple.com/en-us/HT207615", "https://support.apple.com/en-us/HT207617" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2017-5130", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5202", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5203", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5204", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5205", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5341", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5342", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5482", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5483", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5484", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5485", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "", "description": "Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0.", "id": "CVE-2017-5486", "impact": "An attacker in a privileged network position may be able to execute arbitrary code with user assistance", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch (1st Generation) and Apple Watch Series 3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Jann Horn of Google Project Zero; Moritz Lipp of Graz University of Technology; Michael Schwarz of Graz University of Technology; Daniel Gruss of Graz University of Technology; Thomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus Technology GmbH; Stefan Mangard of Graz University of Technology; Paul Kocher; Daniel Genkin of University of Pennsylvania and University of Maryland; Yuval Yarom of University of Adelaide and Data61; and Mike Hamburg of Rambus (Cryptography Research Division)", "description": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", "id": "CVE-2017-5754", "impact": "An application may be able to read kernel memory (Meltdown)", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "January 5, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6" ], "credit": "Gustavo Grieco", "description": "A null pointer dereference was addressed with improved validation.", "id": "CVE-2017-5969", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "iPhone 5s and later, and Wi-Fi + Cellular models of iPad Air generation and later" ], "credit": "Matthew Spisak of ENDGAME (endgame.com)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-6211", "impact": "An attacker within range may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Telephony", "rsr": "", "update": "December 4, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6451", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6452", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6455", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6458", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6459", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6460", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6462", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6463", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Cure53", "description": "Multiple issues were addressed by updating to version 4.2.8p10", "id": "CVE-2017-6464", "impact": "Multiple issues in ntp", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "ntp", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Patrick Wardle of Synack", "description": "A validation issue existed in the handling of system installation. This issue was addressed through improved handling and validation during the installation process.", "id": "CVE-2017-6974", "impact": "A malicious application may be able to modify protected disk locations", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "System Integrity Protection", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A stack buffer overflow was addressed through improved input validation.", "id": "CVE-2017-6975", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT207688" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "George Dan (@theninjaprawn)", "description": "An access issue was addressed through additional sandbox restrictions on third party applications.", "id": "CVE-2017-6976", "impact": "A malicious application may be able to access the iCloud user record of a signed in user", "links": [ "https://support.apple.com/en-us/HT207617" ], "module": "Sandbox Profiles", "rsr": "", "update": "August 1, 2017" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Samuel Gro\u00df and Niklas Baumstark working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-6977", "impact": "An application may be able to escape its sandbox", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Speech Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-6978", "impact": "An application may be able to gain system privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "Accessibility Framework", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "A race condition was addressed through improved locking.", "id": "CVE-2017-6979", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "IOSurface", "rsr": "", "update": "May 17, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6980", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "evi1m0 of YSRC (sec.ly.com)", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.", "id": "CVE-2017-6981", "impact": "An application may be able to execute arbitrary code with root privileges", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Vincent Desmurs (vincedes3), Sem Voigtlander (OxFEEDFACE), and Joseph Shenton of CoffeeBreakers", "description": "A denial of service issue was addressed through improved memory handling.", "id": "CVE-2017-6982", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT207798" ], "module": "Notifications", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2017-6983", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "SQLite", "rsr": "", "update": "May 24, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6984", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804", "https://support.apple.com/en-us/HT207805" ], "module": "WebKit", "rsr": "", "update": "June 20, 2017" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Axis and sss of Nirvan Team of Qihoo 360 and Simon Huang (@HuangShaomang) of IceSword Lab of Qihoo 360", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-6985", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "evi1m0 of YSRC (sec.ly.com) & Heige (SuperHei) of Knownsec 404 Security Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-6986", "impact": "An application may be able to escape its sandbox", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Patrick Wardle of Synack", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-6987", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.4" ], "credit": "Tim Cappalli of Aruba, a Hewlett Packard Enterprise company", "description": "A certificate validation issue existed in EAP-TLS when a certificate changed. This issue was addressed through improved certificate validation.", "id": "CVE-2017-6988", "impact": "A malicious network with 802.1X authentication may be able to capture user network credentials", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "802.1X", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6989", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-6990", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207797" ], "module": "HFS", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2017-6991", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "SQLite", "rsr": "", "update": "May 24, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6994", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6995", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6996", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6997", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6998", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-6999", "impact": "An application may be able to gain kernel privileges", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "AVEVideoEncoder", "rsr": "", "update": "May 17, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2017-7000", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "SQLite", "rsr": "", "update": "May 24, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2017-7001", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "SQLite", "rsr": "", "update": "May 24, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2017-7002", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "SQLite", "rsr": "", "update": "May 24, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Jake Davis of SPYSCAPE (@DoubleJake), Jo\u00e3o Henrique Neves and Stephen Goldberg of Salesforce", "description": "A denial of service issue was addressed through improved validation.", "id": "CVE-2017-7003", "impact": "Processing a maliciously crafted file may lead to application termination", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207800", "https://support.apple.com/en-us/HT207801" ], "module": "CoreText", "rsr": "", "update": "June 7, 2017" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed with improved consistency checks.", "id": "CVE-2017-7004", "impact": "A local application may be able to send privileged XPC messages without entitlements", "links": [ "https://support.apple.com/en-us/HT207797", "https://support.apple.com/en-us/HT207798" ], "module": "Security", "rsr": "", "update": "June 8, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-7005", "impact": "Processing maliciously crafted web content may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207798", "https://support.apple.com/en-us/HT207801", "https://support.apple.com/en-us/HT207804" ], "module": "JavaScriptCore", "rsr": "", "update": "June 9, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "David Kohlbrenner of UC San Diego, an anonymous researcher", "description": "Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered.", "id": "CVE-2017-7006", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Jos\u00e9 Antonio Esteban (@Erratum_) of Sapsi Consultores", "description": "A resource exhaustion issue was addressed through improved input validation.", "id": "CVE-2017-7007", "impact": "A remote attacker may cause an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207923" ], "module": "EventKitUI", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "Yangkang (@dnpushme) of Qihoo 360 Qex Team", "description": "A memory corruption issue was addressed with improved bounds checking.", "id": "CVE-2017-7008", "impact": "Processing a maliciously crafted movie file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7009", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "IOUSBFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Apple", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2017-7010", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A state management issue was addressed with improved frame handling.", "id": "CVE-2017-7011", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7012", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "found by OSS-Fuzz", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2017-7013", "impact": "Parsing a maliciously crafted XML document may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "Lee of Minionz, Axis and sss of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7014", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7015", "impact": "Processing a maliciously crafted audio file may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-7016", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "afclip", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "chenqin of Ant-financial Light-Year Security Lab (\u8682\u8681\u91d1\u670d\u5df4\u65af\u5149\u5e74\u5b89\u5168\u5b9e\u9a8c\u5ba4)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7017", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7018", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Zhiyang Zeng of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7019", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "likemeng of Baidu Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7020", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "sss and Axis of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7021", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7022", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7023", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7024", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7025", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7026", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7027", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "an anonymous researcher", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7028", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "an anonymous researcher", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7029", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "chenqin of Ant-financial Light-Year Security Lab (\u8682\u8681\u91d1\u670d\u5df4\u65af\u5149\u5e74\u5b89\u5168\u5b9e\u9a8c\u5ba4)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7030", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "HappilyCoded (ant4g0nist and r3dsm0k3)", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-7031", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "Axis and sss of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7032", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7033", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "afclip", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "chenqin of Ant-financial Light-Year Security Lab (\u8682\u8681\u91d1\u670d\u5df4\u65af\u5149\u5e74\u5b89\u5168\u5b9e\u9a8c\u5ba4)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7034", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7035", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7036", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7037", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security, Neil Jenkins of FastMail Pty Ltd", "description": "A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management.", "id": "CVE-2017-7038", "impact": "Processing maliciously crafted web content with DOMParser may lead to cross site scripting", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "WebKit", "rsr": "", "update": "July 28, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7039", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7040", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7041", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7042", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7043", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7044", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7045", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7046", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5 and OS X El Capitan 10.11.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7047", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7048", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-7049", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "Min (Spark) Zheng of Alibaba Inc.", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7050", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "Alex Plaskett of MWR InfoSecurity", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7051", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "cc working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7052", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "An access issue was addressed with additional restrictions.", "id": "CVE-2017-7053", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT207928" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "Alex Plaskett of MWR InfoSecurity, Lufeng Li of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7054", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7055", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7056", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Beyza Sevin\u00e7 of S\u00fcleyman Demirel \u00dcniversitesi", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2017-7058", "impact": "Notifications may appear on the lock screen when disabled", "links": [ "https://support.apple.com/en-us/HT207923" ], "module": "Notifications", "rsr": "", "update": "July 28, 2017" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Masato Kinugawa and Mario Heiderich of Cure53", "description": "A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management.", "id": "CVE-2017-7059", "impact": "Processing maliciously crafted web content with DOMParser may lead to cross site scripting", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "WebKit", "rsr": "", "update": "July 28, 2017" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Travis Kelley of City of Mishawaka, Indiana", "description": "An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs.", "id": "CVE-2017-7060", "impact": "Processing maliciously crafted web content may lead to an infinite number of print dialogs", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923" ], "module": "Safari Printing", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7061", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "Shashank (@cyberboyIndia)", "description": "A buffer overflow issue was addressed through improved memory handling.", "id": "CVE-2017-7062", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Shashank (@cyberboyIndia)", "description": "A memory consumption issue was addressed through improved memory handling.", "id": "CVE-2017-7063", "impact": "A remote attacker may cause an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207925" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6", "Windows 7 and later", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "A memory initialization issue was addressed through improved memory handling.", "id": "CVE-2017-7064", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207921", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207927", "https://support.apple.com/en-us/HT207928" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7065", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "Wi-Fi", "rsr": "", "update": "September 25, 2017" }, { "available": [ "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2017-7066", "impact": "An attacker in Wi-Fi range may be able to cause a denial of service on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924" ], "module": "Wi-Fi", "rsr": "", "update": "September 26, 2017" }, { "available": [ "macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7067", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "found by OSS-Fuzz", "description": "A buffer overflow was addressed through improved bounds checking.", "id": "CVE-2017-7068", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7069", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.3" ], "credit": "Ed McKenzie", "description": "An insufficient locking issue was addressed with improved state management.", "id": "CVE-2017-7070", "impact": "The screen may unexpectedly remain unlocked when the lid is closed", "links": [ "https://support.apple.com/en-us/HT207615" ], "module": "Kernel", "rsr": "", "update": "August 10, 2017" }, { "available": [ "OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4" ], "credit": "Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7071", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT207600" ], "module": "WebKit", "rsr": "", "update": "August 23, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "J\u0119drzej Krysztofiak", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2017-7072", "impact": "Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Daniel Jalkut of Red Sweater Software", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2017-7074", "impact": "An application may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Richard Will of Marathon Oil Company", "description": "The contents of locked notes sometimes appeared in search results. This issue was addressed through improved data cleanup.", "id": "CVE-2017-7075", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Notes", "rsr": "", "update": "November 10, 2017" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7076", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7076, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7077", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Petter Flink, Pierre ALBAR\u00c8DE from Marseille (France), an anonymous researcher", "description": "An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted.", "id": "CVE-2017-7078", "impact": "An attacker with a privileged network position may be able to intercept mail contents", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208144" ], "module": "Mail Drafts", "rsr": "", "update": "October 3, 2017" }, { "available": [ "OS X Yosemite 10.10.5 and later" ], "credit": "Pi Delta", "description": "An access control issue was addressed by restricting access to iOS backups to iTunes.", "id": "CVE-2017-7079", "impact": "An application may be able to access iOS backups performed through iTunes", "links": [ "https://support.apple.com/en-us/HT208140" ], "module": "Data Sync", "rsr": "", "update": "September 25, 2017" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of B\u00e6rum kommune, an anonymous researcher, an anonymous researcher", "description": "A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation.", "id": "CVE-2017-7080", "impact": "A revoked certificate may be trusted", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2017-7081", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Tim Kingman", "description": "A window management issue was addressed through improved state management.", "id": "CVE-2017-7082", "impact": "Application Firewall prompts may appear over Login Window", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Screen Lock", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Abhinav Bansal of Zscaler Inc.", "description": "Multiple denial of service issues were addressed through improved memory handling.", "id": "CVE-2017-7083", "impact": "An attacker in a privileged network position may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "an anonymous researcher", "description": "An upgrade issue existed in the handling of firewall settings. This issue was addressed through improved handling of firewall settings during upgrades.", "id": "CVE-2017-7084", "impact": "A previously denied application firewall setting may take effect after upgrading", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Application Firewall", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-7085", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208116" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Russ Cox of Google", "description": "A resource exhaustion issue in glob() was addressed through an improved algorithm.", "id": "CVE-2017-7086", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7087", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ilya Nesterov, Maxim Goncharov", "description": "A validation issue existed in AutoDiscover V1. This was addressed by requiring TLS for AutoDiscover V1. AutoDiscover V2 is now supported.", "id": "CVE-2017-7088", "impact": "An attacker in a privileged network position may be able to erase a device during Exchange account setup", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Exchange ActiveSync", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Frans Ros\u00e9n of Detectify, Anton Lopanitsyn of ONSEC", "description": "A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.", "id": "CVE-2017-7089", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.", "id": "CVE-2017-7090", "impact": "Cookies belonging to one origin may be sent to another origin", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Wei Yuan of Baidu Security Lab working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7091", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro and Niklas Baumstark working with Trend Micro's Zero Day Initiative, Qixun Zhao (@S0rryMybad) of Qihoo 360 Vulcan Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7092", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro and Niklas Baumstark working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7093", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan Security Group", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7094", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7095", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Wei Yuan of Baidu Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7096", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Xinshu Dong and Jun Hao Tan of Anquan Capital", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2017-7097", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Mail MessageUI", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Felipe Freitas of Instituto Tecnol\u00f3gico de Aeron\u00e1utica", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7098", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7099", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Masato Kinugawa and Mario Heiderich of Cure53", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7100", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7102", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7103", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "likemeng of Baidu Secutity Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7104", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7105", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Oliver Paukstadt of Thinking Objects GmbH (to.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-7106", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Wang Junjie, Wei Lei, and Liu Yang of Nanyang Technological University", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7107", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7108", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "avlidienbrunn", "description": "Application Cache policy may be unexpectedly applied.", "id": "CVE-2017-7109", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7110", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "likemeng of Baidu Security Lab (xlab.baidu.com) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7111", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7112", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher, Duraiamuthan Harikrishnan of Tech Mahindra, Ricardo Sampayo of Bemo Ltd", "description": "The characters in a secure text field were revealed during focus change events. This issue was addressed through improved state management.", "id": "CVE-2017-7113", "impact": "Characters in a secure text field might be revealed", "links": [ "https://support.apple.com/en-us/HT208222" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Alex Plaskett of MWR InfoSecurity", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7114", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "Multiple race conditions were addressed through improved validation.", "id": "CVE-2017-7115", "impact": "Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7116", "impact": "Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7117", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Kiki Jiang and Jason Tokoph", "description": "A denial of service issue was addressed through improved validation.", "id": "CVE-2017-7118", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc., Benjamin Gnahm (@mitp0sh) of PDX", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-7119", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "chenqin (\u9648\u94a6) of Ant-financial Light-Year Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7120", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208116", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7121", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7122", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7123", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7124", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7125", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 5.30.", "id": "CVE-2017-7126", "impact": "Multiple issues in file", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7127", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 3.19.3.", "id": "CVE-2017-7128", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 3.19.3.", "id": "CVE-2017-7129", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version 3.19.3.", "id": "CVE-2017-7130", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Dominik Conrads of Federal Office for Information Security, an anonymous researcher, Anand Kathapurkar of India, Elvis (@elvisimprsntr)", "description": "A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.", "id": "CVE-2017-7131", "impact": "An application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Bluetooth", "rsr": "", "update": "October 9, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Australian Cyber Security Centre \u2013 Australian Signals Directorate", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2017-7132", "impact": "Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "Quick Look", "rsr": "", "update": "January 22, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Don Sparks of HackediOS.com", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2017-7133", "impact": "Backup may perform an unencrypted backup despite a requirement to perform only encrypted backups", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "MobileBackup", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7134", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7135", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7136", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "riusksk (\u6cc9\u54e5) of Tencent Security Platform Department", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7137", "impact": "Parsing a maliciously crafted Mach-O file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Daniel Kvak of Masaryk University", "description": "A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls.", "id": "CVE-2017-7138", "impact": "A local attacker may be able to determine the Apple ID of the owner of the computer", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Directory Utility", "rsr": "", "update": "October 3, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A timing issue existed in the handling of locking. This issue was addressed by disabling screenshots while locking.", "id": "CVE-2017-7139", "impact": "A screenshot of secure content may be taken when locking an iOS device", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Phone", "rsr": "", "update": "September 25, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Agim Allkanjari of Stream in Motion Inc.", "description": "The iOS keyboard was inadvertently caching sensitive information. This issue was addressed with improved heuristics.", "id": "CVE-2017-7140", "impact": "Keyboard autocorrect suggestions may reveal sensitive information", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Keyboard Suggestions", "rsr": "", "update": "October 9, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "John Whitehead of The New York Times", "description": "Turning off \"Load remote content in messages\" did not apply to all mailboxes. This issue was addressed with improved setting propagation.", "id": "CVE-2017-7141", "impact": "The sender of an email may be able to determine the IP address of the recipient", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Mail", "rsr": "", "update": "October 3, 2017" }, { "available": [ "OS X El Capitan 10.11.6, and macOS Sierra 10.12.6, macOS High Sierra 10.13", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rich Shawn O\u2019Connell, an anonymous researcher, an anonymous researcher", "description": "An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling.", "id": "CVE-2017-7142", "impact": "Website data may persist after a Safari Private browsing session", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208116" ], "module": "WebKit Storage", "rsr": "", "update": "September 25, 2017, updated November 10, 2017" }, { "available": [ "OS X Mountain Lion 10.8 and later" ], "credit": "Matthew Green of Johns Hopkins University", "description": "The security state of the captive portal browser was not obvious. This issue was addressed with improved visibility of the captive portal browser security state.", "id": "CVE-2017-7143", "impact": "A local user may unknowingly send a password unencrypted over the network", "links": [ "https://support.apple.com/en-us/HT208144" ], "module": "Captive Network Assistant", "rsr": "", "update": "October 3, 2017" }, { "available": [ "OS X El Capitan 10.11.6, and macOS Sierra 10.12.6, macOS High Sierra 10.13", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Mohammad Ghasemisharif of UIC\u2019s BITS Lab", "description": "A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.", "id": "CVE-2017-7144", "impact": "A malicious website may be able to track users in Safari private browsing mode", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208116" ], "module": "WebKit", "rsr": "", "update": "October 9, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Chris Lawrence", "description": "A permissions issue existed in the process that handles time zone information. The issue was resolved by modifying permissions.", "id": "CVE-2017-7145", "impact": "\"Setting Time Zone\" may incorrectly indicate that it is using location", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Time", "rsr": "", "update": "October 9, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A permission checking issue existed in the handling of an app's Keychain data. This issue was addressed with improved permission checking.", "id": "CVE-2017-7146", "impact": "A malicious app may be able to track users between installs", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Security", "rsr": "", "update": "September 25, 2017" }, { "available": [ "iOS 9.0 and later" ], "credit": "David Coomber of Info-Sec.CA", "description": "Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS.", "id": "CVE-2017-7147", "impact": "An attacker in a privileged network position may be able to intercept analytics data sent to Apple", "links": [ "https://support.apple.com/en-us/HT208201" ], "module": "Analytics", "rsr": "", "update": "October 17, 2017" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Igor Makarov from Moovit, Will McGinty and Shawnna Rodriguez of Bottle Rocket Studios", "description": "A permissions issue existed in the handling of the location variable. This was addressed with additional ownership checks.", "id": "CVE-2017-7148", "impact": "An application may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT208112" ], "module": "Location Framework", "rsr": "", "update": "October 9, 2017" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "Matheus Mariano of Leet Tech", "description": "If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint. This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints.", "id": "CVE-2017-7149", "impact": "A local attacker may gain access to an encrypted APFS volume", "links": [ "https://support.apple.com/en-us/HT208165" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13", "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Patrick Wardle of Synack", "description": "A method existed for applications to bypass the keychain access prompt with a synthetic click. This was addressed by requiring the user password when prompting for keychain access.", "id": "CVE-2017-7150", "impact": "A malicious application can extract keychain passwords", "links": [ "https://support.apple.com/en-us/HT208165", "https://support.apple.com/en-us/HT208221" ], "module": "Security", "rsr": "", "update": "November 17, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2017-7151", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "CoreFoundation", "rsr": "", "update": "October 18, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Oliver Paukstadt of Thinking Objects GmbH (to.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-7152", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208334" ], "module": "Mail Message Framework", "rsr": "", "update": "December 21, 2017" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jerry Decime", "description": "Redirect responses to 401 Unauthorized may allow a malicious website to incorrectly display the lock icon on mixed content. This issue was addressed through improved URL display logic.", "id": "CVE-2017-7153", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 11, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jann Horn of Google Project Zero", "description": "An input validation issue existed in the kernel. This issue was addressed through improved input validation.", "id": "CVE-2017-7154", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "December 21, 2017" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7155", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Intel Graphics Driver", "rsr": "", "update": "December 21, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Yuan Deng of Ant-financial Light-Year Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7156", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7157", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "Trevor Jacques of Toronto", "description": "A permissions issue existed in the handling of screen sharing sessions. This issue was addressed with improved permissions handling.", "id": "CVE-2017-7158", "impact": "A user with screen sharing access may be able to access any file readable by root", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Screen Sharing Server", "rsr": "", "update": "December 21, 2017" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (softsec.kaist.ac.kr)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7159", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 21, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7160", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2" ], "credit": "Mitin Svyat", "description": "A command injection issue existed in Web Inspector. This issue was addressed through improved escaping of special characters.", "id": "CVE-2017-7161", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324" ], "module": "WebKit Web Inspector", "rsr": "", "update": "January 10, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7162", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "IOKit", "rsr": "", "update": "January 10, 2018" }, { "available": [ "macOS High Sierra 10.13.1" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7163", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "Intel Graphics Driver", "rsr": "", "update": "December 21, 2017" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jerry Decime", "description": "An input validation issue was addressed through improved input validation.", "id": "CVE-2017-7164", "impact": "An attacker in a privileged network position may be able to spoof password prompts in App Store", "links": [ "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208334" ], "module": "App Store", "rsr": "", "update": "January 11, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "360 Security working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed through improved memory handling.", "id": "CVE-2017-7165", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208324", "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208334" ], "module": "WebKit", "rsr": "", "update": "January 22, 2018" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "sss of Qihoo 360 Nirvan Team", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2017-7167", "impact": "Compiling with untrusted sources may lead to arbitrary code execution with user privileges", "links": [ "https://support.apple.com/en-us/HT208456" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Patrick Wardle of Synack", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2017-7170", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "Security", "rsr": "", "update": "January 11, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.1" ], "credit": "360 Security working with Trend Micro's Zero Day Initiative, and Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7171", "impact": "An application may be able to execute arbitrary code with elevated privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "CoreAnimation", "rsr": "", "update": "January 22, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-7172", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208326", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208328", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "CFNetwork Session", "rsr": "", "update": "January 22, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2017-7173", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208325", "https://support.apple.com/en-us/HT208327", "https://support.apple.com/en-us/HT208331", "https://support.apple.com/en-us/HT208334" ], "module": "Kernel", "rsr": "", "update": "January 11, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X El Capitan 10.11.6", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2017-7376", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS Sierra 10.12.5" ], "credit": "", "description": "Multiple issues were addressed by updating to version 7.54.0.", "id": "CVE-2017-7468", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT207922" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-7659", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-7668", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-7679", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "iPhone 5 and later, and Wi-Fi + Cellular models of iPad 4th generation and later" ], "credit": "", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-8248", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT207923" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6" ], "credit": "Wei Lei and Liu Yang - Nanyang Technological University in Singapore", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2017-9049", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6" ], "credit": "Mateusz Jurczyk (j00ru) of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2017-9050", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144", "https://support.apple.com/en-us/HT208221" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV (4th generation)", "OS X Mountain Lion 10.8 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.2.1", "id": "CVE-2017-9233", "impact": "Multiple issues in expat", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208113", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208144" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac", "All Apple Watch models", "Apple TV (4th generation)", "MacBook Air (Late 2010 and later), MacBook Pro (Late 2010 and later), Mac mini (Mid 2010 and later), iMac (Mid 2010 and later), MacBook (Mid 2010 and later)", "iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation", "macOS Sierra 10.12.5" ], "credit": "Nitay Artenstein of Exodus Intelligence", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-9417", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT207922", "https://support.apple.com/en-us/HT207923", "https://support.apple.com/en-us/HT207924", "https://support.apple.com/en-us/HT207925", "https://support.apple.com/en-us/HT207940", "https://support.apple.com/en-us/HT208354" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-9788", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "", "description": "Multiple issues were addressed by updating to version 2.4.27.", "id": "CVE-2017-9789", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "apache", "rsr": "", "update": "November 14, 2017" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1" ], "credit": "Hanno B\u00f6ck", "description": "Multiple issues were addressed by updating to version 2.4.28.", "id": "CVE-2017-9798", "impact": "Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT208331" ], "module": "apache", "rsr": "", "update": "December 18, 2018" }, { "available": [ "macOS Sierra 10.12.6 or later" ], "credit": "", "description": "An input validation issue was addressed through improved input validation.", "id": "CVE-2017-9800", "impact": "Checking out a maliciously crafted repository may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208103" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "OS X Mountain Lion 10.8 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Gustavo Grieco", "description": "A null pointer dereference was addressed with improved validation.", "id": "CVE-2018-4302", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208112", "https://support.apple.com/en-us/HT208115", "https://support.apple.com/en-us/HT208141", "https://support.apple.com/en-us/HT208142", "https://support.apple.com/en-us/HT208144" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4390", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "LinkPresentation", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13" ], "credit": "Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4391", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208221" ], "module": "LinkPresentation", "rsr": "", "update": "November 16, 2018" } ] ================================================ FILE: 2017/README.md ================================================ # Apple CVE 2017 * data source: https://support.apple.com/en-us/HT201222 * [2017.json](2017.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 140 | | 2 | tcpdump | 131 | | 3 | Kernel | 67 | | 4 | iTunes | 18 | | 5 | Wi-Fi | 15 | | 6 | SQLite | 14 | | 7 | Intel Graphics Driver | 14 | | 8 | apache | 13 | | 9 | Security | 13 | | 10 | Safari | 12 | | 11 | ntp | 10 | | 12 | apache_mod_php | 8 | | 13 | libarchive | 8 | | 14 | Bluetooth | 8 | | 15 | libxml2 | 8 | | 16 | ImageIO | 7 | | 17 | CoreText | 7 | | 18 | tiffutil | 7 | | 19 | curl | 7 | | 20 | file | 7 | | 21 | AVEVideoEncoder | 7 | | 22 | ld64 | 7 | | 23 | FontParser | 6 | | 24 | IOKit | 6 | | 25 | Audio | 6 | | 26 | WebKit Web Inspector | 5 | | 27 | iBooks | 5 | | 28 | OpenSSH | 4 | | 29 | zlib | 4 | | 30 | AirPort Base Station Firmware | 4 | | 31 | WindowServer | 4 | | 32 | Profiles | 3 | | 33 | CoreGraphics | 3 | | 34 | CoreFoundation | 3 | | 35 | CoreAudio | 3 | | 36 | APFS | 3 | | 37 | Quick Look | 3 | | 38 | Messages | 3 | | 39 | Mail | 3 | | 40 | Contacts | 3 | | 41 | IOFireWireFamily | 3 | | 42 | Multi-Touch | 3 | | 43 | JavaScriptCore | 3 | | 44 | ICU | 2 | | 45 | Accounts | 2 | | 46 | libexpat | 2 | | 47 | libc | 2 | | 48 | Postfix | 2 | | 49 | FreeRadius | 2 | | 50 | Siri | 2 | | 51 | fsck_msdos | 2 | | 52 | QuickTime | 2 | | 53 | kext tools | 2 | | 54 | CFNetwork | 2 | | 55 | HFS | 2 | | 56 | 802.1X | 2 | | 57 | Sandbox | 2 | | 58 | Spotlight | 2 | | 59 | Mail Drafts | 2 | | 60 | IOSurface | 2 | | 61 | APNs Server | 2 | | 62 | Directory Utility | 2 | | 63 | Sandbox Profiles | 2 | | 64 | SafariViewController | 2 | | 65 | HomeKit | 2 | | 66 | IOAcceleratorFamily | 2 | | 67 | Projects | 2 | | 68 | AppleGraphicsPowerManagement | 2 | | 69 | IOFireWireAVC | 2 | | 70 | libxslt | 2 | | 71 | Phone | 2 | | 72 | Foundation | 2 | | 73 | CoreAnimation | 2 | | 74 | Speech Framework | 2 | | 75 | Telephony | 2 | | 76 | Notifications | 2 | | 77 | afclip | 2 | | 78 | LinkPresentation | 2 | | 79 | Web Server | 1 | | 80 | Profile Manager | 1 | | 81 | Vim | 1 | | 82 | python | 1 | | 83 | LibreSSL | 1 | | 84 | EFI | 1 | | 85 | CoreMedia Playback | 1 | | 86 | IOHIDFamily | 1 | | 87 | Disk Images | 1 | | 88 | syslog | 1 | | 89 | Git | 1 | | 90 | Heimdal | 1 | | 91 | Perl | 1 | | 92 | Dictionary Widget | 1 | | 93 | StreamingZip | 1 | | 94 | Remote Management | 1 | | 95 | AppleScript | 1 | | 96 | HelpViewer | 1 | | 97 | ATS | 1 | | 98 | CFString | 1 | | 99 | Open Scripting Architecture | 1 | | 100 | Fonts | 1 | | 101 | Installer | 1 | | 102 | PCRE | 1 | | 103 | Font Importer | 1 | | 104 | DesktopServices | 1 | | 105 | AppleGraphicsControl | 1 | | 106 | APNs | 1 | | 107 | IOMobileFrameBuffer | 1 | | 108 | ReplayKit | 1 | | 109 | CoreTypes | 1 | | 110 | Auto Unlock | 1 | | 111 | Login Window | 1 | | 112 | SMB | 1 | | 113 | Apple Account Settings | 1 | | 114 | SIP | 1 | | 115 | Unlock with iPhone | 1 | | 116 | IOAudioFamily | 1 | | 117 | Graphics Drivers | 1 | | 118 | Help Viewer | 1 | | 119 | Call History | 1 | | 120 | Carbon | 1 | | 121 | sudo | 1 | | 122 | Wiki Server | 1 | | 123 | Safari Login AutoFill | 1 | | 124 | Apple Music | 1 | | 125 | Export | 1 | | 126 | Safari Reader | 1 | | 127 | Pasteboard | 1 | | 128 | MCX Client | 1 | | 129 | Printing | 1 | | 130 | IOATAFamily | 1 | | 131 | Menus | 1 | | 132 | Calculator | 1 | | 133 | iTunes Store | 1 | | 134 | DataAccess | 1 | | 135 | Hypervisor | 1 | | 136 | SecurityFoundation | 1 | | 137 | HTTPProtocol | 1 | | 138 | FinderKit | 1 | | 139 | CoreMedia | 1 | | 140 | AppleRAID | 1 | | 141 | libc++abi | 1 | | 142 | WebKit JavaScript Bindings | 1 | | 143 | Keychain | 1 | | 144 | Keyboards | 1 | | 145 | Authentication | 1 | | 146 | TextInput | 1 | | 147 | DiskArbitration | 1 | | 148 | IOGraphics | 1 | | 149 | OpenSSL | 1 | | 150 | System Integrity Protection | 1 | | 151 | Accessibility Framework | 1 | | 152 | NVIDIA Graphics Drivers | 1 | | 153 | EventKitUI | 1 | | 154 | IOUSBFamily | 1 | | 155 | WebKit Page Loading | 1 | | 156 | libxpc | 1 | | 157 | Safari Printing | 1 | | 158 | AppSandbox | 1 | | 159 | Notes | 1 | | 160 | Data Sync | 1 | | 161 | Screen Lock | 1 | | 162 | CFNetwork Proxies | 1 | | 163 | Application Firewall | 1 | | 164 | Exchange ActiveSync | 1 | | 165 | Mail MessageUI | 1 | | 166 | UIKit | 1 | | 167 | MobileBackup | 1 | | 168 | Keyboard Suggestions | 1 | | 169 | WebKit Storage | 1 | | 170 | Captive Network Assistant | 1 | | 171 | Time | 1 | | 172 | Analytics | 1 | | 173 | Location Framework | 1 | | 174 | StorageKit | 1 | | 175 | Mail Message Framework | 1 | | 176 | Screen Sharing Server | 1 | | 177 | App Store | 1 | | 178 | CFNetwork Session | 1 | | 179 | subversion | 1 | ================================================ FILE: 2018/2018.json ================================================ [ { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2015-3194", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2015-5333", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2015-5334", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2016-0702", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Pepi Zawodsky", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2016-1777", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-0898", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-10784", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Craig Young of Tripwire VERT", "description": "Multiple issues in Perl were addressed with improved memory handling.", "id": "CVE-2017-12613", "impact": "Multiple buffer overflow issues existed in Perl", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "APR", "rsr": "", "update": "February 15, 2019" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Craig Young of Tripwire VERT", "description": "Multiple issues in Perl were addressed with improved memory handling.", "id": "CVE-2017-12618", "impact": "Multiple buffer overflow issues existed in Perl", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "APR", "rsr": "", "update": "February 15, 2019" }, { "available": [ "MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later), MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later), iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later)" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13077", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208847" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later), MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later), iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later)" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13078", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208847" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later), MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later), iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later)", "macOS High Sierra 10.13.3" ], "credit": "Mathy Vanhoef of the imec-DistriNet group at KU Leuven", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2017-13080", "impact": "An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208847" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2" ], "credit": "Glenn G. Bruckno, P.E. of Automation Engineering, James Barnes, Kevin Manca of Computer Engineering Politecnico di Milano, Rene Malenfant of University of New Brunswick", "description": "A logic error existed in the validation of credentials. This was addressed with improved credential validation.", "id": "CVE-2017-13889", "impact": "An attacker may be able to bypass administrator authentication without supplying the administrator\u2019s password", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Security", "rsr": "", "update": "June 21, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6" ], "credit": "Apple, Theodor Ragnar Gislason of Syndis", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2017-13890", "impact": "Processing a maliciously crafted webpage may result in the mounting of a disk image", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "CoreTypes", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6" ], "credit": "Timothy Perfitt of Twocanoes Software", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2017-13911", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "SIP", "rsr": "", "update": "August 8, 2018, updated September 25, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-14033", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-14064", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.3, OS X El Capitan 10.11.6" ], "credit": "Nick Wellnhofer", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2017-15412", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "libxml2", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-17405", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2017-17742", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Mark Ermolov and Maxim Goryachy from Positive Technologies", "description": "Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.", "id": "CVE-2017-5705", "impact": "", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "EFI", "rsr": "", "update": "January 30, 2018" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Mark Ermolov and Maxim Goryachy from Positive Technologies", "description": "Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.", "id": "CVE-2017-5708", "impact": "", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "EFI", "rsr": "", "update": "January 30, 2018" }, { "available": [ "OS X El Capitan 10.11.6 and macOS Sierra 10.12.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61", "description": "macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).", "id": "CVE-2017-5715", "impact": "Spectre", "links": [ "https://support.apple.com/en-us/HT208397", "https://support.apple.com/en-us/HT208401", "https://support.apple.com/en-us/HT208403" ], "module": "CPU", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Intel and Eclypsium", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-5731", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Intel and Eclypsium", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-5732", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Intel and Eclypsium", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-5733", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Intel and Eclypsium", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-5734", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Intel and Eclypsium", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2017-5735", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "OS X El Capitan 10.11.6 and macOS Sierra 10.12.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61", "description": "macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).", "id": "CVE-2017-5753", "impact": "Spectre", "links": [ "https://support.apple.com/en-us/HT208397", "https://support.apple.com/en-us/HT208401", "https://support.apple.com/en-us/HT208403" ], "module": "CPU", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Jann Horn of Google Project Zero; Moritz Lipp of Graz University of Technology; Michael Schwarz of Graz University of Technology; Daniel Gruss of Graz University of Technology; Thomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus Technology GmbH; Stefan Mangard of Graz University of Technology; Paul Kocher; Daniel Genkin of University of Pennsylvania and University of Maryland; Yuval Yarom of University of Adelaide and Data61; and Mike Hamburg of Rambus (Cryptography Research Division)", "description": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", "id": "CVE-2017-5754", "impact": "An application may be able to read kernel memory (Meltdown)", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2017-7151", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Notes", "rsr": "", "update": "October 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2017-7830", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208473", "https://support.apple.com/en-us/HT208474", "https://support.apple.com/en-us/HT208475" ], "module": "WebKit Page Loading", "rsr": "", "update": "October 18, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "macOS High Sierra 10.13.2" ], "credit": "Alex Nichols", "description": "An integer overflow existed in curl. This issue was addressed with improved bounds checking.", "id": "CVE-2017-8816", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208692" ], "module": "curl", "rsr": "", "update": "April 3, 2019" }, { "available": [ "macOS High Sierra 10.13.2" ], "credit": "found by OSS-Fuzz", "description": "An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking.", "id": "CVE-2017-8817", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "curl", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.2 or later" ], "credit": "", "description": "Multiple issues existed in git. These issues were addressed by updating git to version 2.15.2.", "id": "CVE-2018-11233", "impact": "Multiple issues in git, the most significant of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208895" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2 or later" ], "credit": "Etienne Stalmans", "description": "Multiple issues existed in git. These issues were addressed by updating git to version 2.15.2.", "id": "CVE-2018-11235", "impact": "Multiple issues in git, the most significant of which may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208895" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.6" ], "credit": "Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken Johnson of the Microsoft Security Response Center (MSRC)", "description": "An information disclosure issue was addressed with a microcode update. This ensures that older data read from recently-written-to addresses cannot be read via a speculative side-channel.", "id": "CVE-2018-3639", "impact": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Innokentiy Sennovskiy from BiZone LLC (bi.zone), Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com)", "description": "An information disclosure issue was addressed with a microcode update. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel.", "id": "CVE-2018-3640", "impact": "Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "Microcode", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. Wenisch of University of Michigan, Mark Silberstein and Marina Minkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens of KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu of Intel Corporation, Yuval Yarom of The University of Adelaide", "description": "An information disclosure issue was addressed by flushing the L1 data cache at the virtual machine entry.", "id": "CVE-2018-3646", "impact": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5" ], "credit": "Julian Stecklina of Amazon Germany, Thomas Prescher of Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of SYSGO AG (sysgo.com), and Colin Percival", "description": "Lazy FP state restore instead of eager save and restore of the state upon a context switch. Lazy restored states are potentially vulnerable to exploits where one process may infer register values of other processes through a speculative execution side channel that infers their value.", "id": "CVE-2018-3665", "impact": "Systems using Intel\u00ae Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channel", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Russ Cox of Google", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4082", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4083", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Touch Bar Support", "rsr": "", "update": "February 9, 2018" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Hyung Sup Lee of Minionz, You Chan Lee of Hanyang University", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4084", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS High Sierra 10.13.2, macOS Sierra 10.12.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ret2 Systems Inc. working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue existed in the processing of web content. This issue was addressed with improved input validation.", "id": "CVE-2018-4085", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "QuartzCore", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2, macOS Sierra 10.12.6" ], "credit": "Ian Haken of Netflix", "description": "A certificate evaluation issue existed in the handling of name constraints. This issue was addressed with improved trust evaluation of certificates.", "id": "CVE-2018-4086", "impact": "A certificate may have name constraints applied incorrectly", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Security", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rani Idan (@raniXCH) of Zimperium zLabs Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4087", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jeonghoon Shin of Theori", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4088", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208473", "https://support.apple.com/en-us/HT208474", "https://support.apple.com/en-us/HT208475" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4089", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208475" ], "module": "WebKit", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4090", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.2" ], "credit": "Alex Gaynor of Mozilla", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2018-4091", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Sandbox", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Stefan Esser of Antid0te UG", "description": "A race condition was addressed with improved locking.", "id": "CVE-2018-4092", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "Jann Horn of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4093", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2, macOS Sierra 10.12.6" ], "credit": "Mingi Cho, Seoyoung Kim, Young-Ho Lee, MinSik Shin and Taekyoung Kwon of the Information Security Lab, Yonsei University", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4094", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Audio", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rani Idan (@raniXCH) of Zimperium zLabs Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4095", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4096", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208473", "https://support.apple.com/en-us/HT208474", "https://support.apple.com/en-us/HT208475" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6" ], "credit": "Resecurity, Inc.", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4097", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6" ], "credit": "Siguza", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4098", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2, macOS Sierra 10.12.6" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "A validation issue existed in the handling of phone numbers. This issue was addressed with improved validation of phone numbers.", "id": "CVE-2018-4100", "impact": "Processing a maliciously crafted vcf file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208848" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Yuan Deng of Ant-financial Light-Year Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4101", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4" ], "credit": "Kai Zhao of 3H security team", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4102", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208695" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4104", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "David J Beitey (@davidjb_), Geoffrey Bugniot", "description": "An injection issue was addressed through improved input validation.", "id": "CVE-2018-4105", "impact": "An APFS volume password may be unexpectedly truncated", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Simon Hosie", "description": "A command injection issue existed in the handling of Bracketed Paste Mode. This issue was addressed through improved validation of special characters.", "id": "CVE-2018-4106", "impact": "Pasting malicious content may lead to arbitrary command execution", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Terminal", "rsr": "", "update": "May 15, 2019" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Nick Safford of Innovia Technology", "description": "An issue existed in the parsing of URLs in PDFs. This issue was addressed through improved input validation.", "id": "CVE-2018-4107", "impact": "Clicking a URL in a PDF may visit a malicious website", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "PDFKit", "rsr": "", "update": "April 9, 2018" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Kamatham Chaitanya of ShiftLeft Inc., an anonymous researcher", "description": "An injection issue was addressed through improved input validation.", "id": "CVE-2018-4108", "impact": "An APFS volume password may be unexpectedly truncated", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Disk Management", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4109", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464" ], "module": "Graphics Driver", "rsr": "", "update": "February 8, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ben Compton and Jason Colley of Cerner Corporation", "description": "A cookie management issue was addressed with improved state management.", "id": "CVE-2018-4110", "impact": "Cookies may unexpectedly persist in web app", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Web App", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Damian Poddebniak of M\u00fcnster University of Applied Sciences, Christian Dresen of M\u00fcnster University of Applied Sciences, Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of M\u00fcnster University of Applied Sciences, Sebastian Schinzel of M\u00fcnster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, J\u00f6rg Schwenk of Ruhr University Bochum", "description": "An issue existed in the handling of S/MIME HTML e-mail. This issue was addressed by not loading remote resources on S/MIME encrypted messages by default if the message has an invalid or missing S/MIME signature.", "id": "CVE-2018-4111", "impact": "An attacker in a privileged network position may be able to exfiltrate the contents of S/MIME-encrypted e-mail", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Mail", "rsr": "", "update": "April 13, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Haik Aftandilian of Mozilla", "description": "A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks.", "id": "CVE-2018-4112", "impact": "Processing a maliciously crafted file might disclose user information", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks.", "id": "CVE-2018-4113", "impact": "Unexpected interaction with indexing types causing an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4114", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera", "description": "An issue existed in CFPreferences. This issue was addressed with improved preferences cleanup.", "id": "CVE-2018-4115", "impact": "A configuration profile may incorrectly remain in effect after removal", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "System Preferences", "rsr": "", "update": "April 3, 2019" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4" ], "credit": "@littlelailo, xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4116", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208695" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher, an anonymous researcher", "description": "A cross-origin issue existed with the fetch API. This was addressed through improved input validation.", "id": "CVE-2018-4117", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4118", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4119", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4120", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4121", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "WanderingGlitch of Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4122", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Zaheen Hafzar M M (@zaheenhafzer)", "description": "An information disclosure issue existed in the handling of alarms and timers. This issue was addressed with improved access restrictions.", "id": "CVE-2018-4123", "impact": "A person with physical access to an iOS device may be able to see the email address used for iTunes", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Clock", "rsr": "", "update": "November 16, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2018-4124", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT208534", "https://support.apple.com/en-us/HT208535", "https://support.apple.com/en-us/HT208536", "https://support.apple.com/en-us/HT208537" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "WanderingGlitch of Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4125", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4126", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141", "https://support.apple.com/en-us/HT209193" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4127", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Zach Markley", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4128", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4129", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Omair working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4130", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Andreas Hegenberg of folivora.AI GmbH", "description": "By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by improved state management.", "id": "CVE-2018-4131", "impact": "An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "WindowServer", "rsr": "", "update": "April 3, 2019" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Axis and pjf of IceSword Lab of Qihoo 360", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4132", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4" ], "credit": "Anton Lopanitsyn of Wallarm, Linus S\u00e4rud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation", "description": "A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.", "id": "CVE-2018-4133", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "https://support.apple.com/en-us/HT208695" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4134", "impact": "Visiting a malicious website by clicking a link may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4135", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "IOFireWireFamily", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Jonas Jensen of lgtm.com and Semmle", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2018-4136", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "", "description": "Safari autofill did not require explicit user interaction before taking place. The issue was addressed with improved autofill heuristics.", "id": "CVE-2018-4137", "impact": "A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction.", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208695" ], "module": "Safari Login AutoFill", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Axis and pjf of IceSword Lab of Qihoo 360", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4138", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Ian Beer of Google Project Zero", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2018-4139", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "kext tools", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "@mjonsson, Arjan van der Oest of Voiceworks BV", "description": "A null pointer dereference issue existed when handling Class 0 SMS messages. This issue was addressed with improved message validation.", "id": "CVE-2018-4140", "impact": "A remote attacker can cause a device to unexpectedly restart", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Telephony", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "an anonymous researcher, Zhao Qixun (@S0rryMybad) of Qihoo 360 Vulcan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4141", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Robin Leroy of Google Switzerland GmbH", "description": "A denial of service issue was addressed with improved memory handling.", "id": "CVE-2018-4142", "impact": "Processing a maliciously crafted string may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "CoreText", "rsr": "", "update": "April 3, 2019" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "derrek (@derrekr6)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4143", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2018-4144", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4145", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208933" ], "module": "WebKit", "rsr": "", "update": "October 18, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed through improved input validation.", "id": "CVE-2018-4146", "impact": "Processing maliciously crafted web content may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.2" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4147", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208473", "https://support.apple.com/en-us/HT208474", "https://support.apple.com/en-us/HT208475" ], "module": "WebKit", "rsr": "", "update": "October 18, 2018" }, { "available": [ "iPhone 5s and later, and Wi-Fi + Cellular models of iPad Air and later" ], "credit": "Nico Golde of Comsecuris UG", "description": "Multiple buffer overflows were addressed with improved input validation.", "id": "CVE-2018-4148", "impact": "A remote attacker may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Telephony", "rsr": "", "update": "March 30, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Abhinash Jain (@abhinashjain)", "description": "A state management issue was addressed by disabling text input until the destination page loads.", "id": "CVE-2018-4149", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "SafariViewController", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4150", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4151", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "iCloud Drive", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4152", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Michael Hanselmann of hansmi.ch", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2018-4153", "impact": "In certain configurations, a remote attacker may be able to replace the message content from the print server with arbitrary content", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4154", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "Storage", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4155", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4156", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "PluginKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4157", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4158", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4" ], "credit": "Axis and pjf of IceSword Lab of Qihoo 360", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4159", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "Jonas Jensen of lgtm.com and Semmle", "description": "An out-of-bounds read was addressed through improved bounds checking.", "id": "CVE-2018-4160", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "WanderingGlitch of Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4161", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "WanderingGlitch of Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4162", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "WanderingGlitch of Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4163", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2 or later" ], "credit": "found by OSS-Fuzz", "description": "Multiple issues were addressed by updating to version the current version of LLVM shipping with Xcode.", "id": "CVE-2018-4164", "impact": "Multiple issues in llvm were addressed in this update", "links": [ "https://support.apple.com/en-us/HT208699" ], "module": "LLVM", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4165", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4166", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "CFNetwork Session", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4167", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "File System Events", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Moore", "description": "The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management.", "id": "CVE-2018-4168", "impact": "File Widget may display contents on a locked device", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Files Widget", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.2" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4169", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "May 2, 2018, updated November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "an anonymous researcher", "description": "The sysadminctl command-line tool required that passwords be passed to it in its arguments, potentially exposing the passwords to other local users. This update makes the password parameter optional, and sysadminctl will prompt for the password if needed.", "id": "CVE-2018-4170", "impact": "Passwords supplied to sysadminctl may be exposed to other local users", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "An information disclosure issue existed in device properties. This issue was addressed with improved object management.", "id": "CVE-2018-4171", "impact": "A malicious application may be able to determine kernel memory layout.", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Viljami Vastam\u00e4ki", "description": "A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore.", "id": "CVE-2018-4172", "impact": "A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Find My iPhone", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Joshua Pokotilow of pingmd", "description": "A consistency issue existed in deciding when to show the microphone use indicator. The issue was resolved with improved capability validation.", "id": "CVE-2018-4173", "impact": "A malicious application may be able to access the microphone without indication to the user", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "Status Bar", "rsr": "", "update": "April 9, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "John McCombs of Integrated Mapping Ltd, McClain Looney of LoonSoft Inc.", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4174", "impact": "An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693" ], "module": "Mail", "rsr": "", "update": "April 13, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Theodor Ragnar Gislason of Syndis", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4175", "impact": "A maliciously crafted application may be able to bypass code signing enforcement", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3" ], "credit": "Theodor Ragnar Gislason of Syndis", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4176", "impact": "Mounting a malicious disk image may result in the launching of an application", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jerry Decime", "description": "An input validation issue was addressed through improved input validation.", "id": "CVE-2018-4177", "impact": "An attacker in a privileged network position may be able to spoof password prompts in the Apple TV App", "links": [ "https://support.apple.com/en-us/HT208693" ], "module": "Apple TV App", "rsr": "", "update": "April 13, 2018" }, { "available": [ "macOS Sierra 10.12.6" ], "credit": "Arjen Hendrikse", "description": "A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation.", "id": "CVE-2018-4178", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "DesktopServices", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.3" ], "credit": "David Fuhrmann", "description": "There was an issue with the handling of smartcard PINs. This issue was addressed with additional logic.", "id": "CVE-2018-4179", "impact": "A local user may be able to view senstive user information", "links": [ "https://support.apple.com/en-us/HT208692" ], "module": "Local Authentication", "rsr": "", "update": "April 13, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Dan Bastone of Gotham Digital Science", "description": "An issue existed in CUPS. This issue was addressed with improved access restrictions.", "id": "CVE-2018-4180", "impact": "A local process may modify other processes without entitlement checks", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "CUPS", "rsr": "", "update": "July 11, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Eric Rafaloff and John Dunlap of Gotham Digital Science", "description": "An issue existed in CUPS. This issue was addressed with improved access restrictions.", "id": "CVE-2018-4181", "impact": "A local user may be able to read arbitrary files as root", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "CUPS", "rsr": "", "update": "July 11, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Dan Bastone of Gotham Digital Science", "description": "An access issue was addressed with additional sandbox restrictions on CUPS.", "id": "CVE-2018-4182", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "CUPS", "rsr": "", "update": "July 11, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Dan Bastone and Eric Rafaloff of Gotham Digital Science", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2018-4183", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "CUPS", "rsr": "", "update": "July 11, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg", "description": "A sandbox issue existed in the handling of microphone access. This issue was addressed with improved handling of microphone access.", "id": "CVE-2018-4184", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Speech", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3" ], "credit": "Brandon Azad", "description": "An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.", "id": "CVE-2018-4185", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208698" ], "module": "Kernel", "rsr": "", "update": "July 19, 2018" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4" ], "credit": "an anonymous researcher", "description": "An information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.", "id": "CVE-2018-4186", "impact": "In Private Browsing, some downloads were not removed from the downloads list", "links": [ "https://support.apple.com/en-us/HT208695" ], "module": "Safari Downloads", "rsr": "", "update": "May 2, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.3", "macOS High Sierra 10.13.4", "macOS Sierra 10.12.6" ], "credit": "Roman Mueller (@faker_), Zhiyang Zeng (@Wester) of Tencent Security Platform Department", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2018-4187", "impact": "Processing a maliciously crafted text message may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT208692", "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208742", "https://support.apple.com/en-us/HT208743", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT209193" ], "module": "LinkPresentation", "rsr": "", "update": "April 3, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "YoKo Kho (@YoKoAcc) of Mitra Integrasi Informatika, PT", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4188", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.2", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4189", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208462", "https://support.apple.com/en-us/HT208463", "https://support.apple.com/en-us/HT208464", "https://support.apple.com/en-us/HT208465" ], "module": "Kernel", "rsr": "", "update": "May 2, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method.", "id": "CVE-2018-4190", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2018-4191", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Markus Gaasedelen, Amy Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro\u2019s Zero Day Initiative", "description": "A race condition was addressed with improved locking.", "id": "CVE-2018-4192", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "October 8, 2019" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4" ], "credit": "Markus Gaasedelen, Amy Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro\u2019s Zero Day Initiative, Richard Zhu (fluorescence) working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4193", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Windows Server", "rsr": "", "update": "October 8, 2019" }, { "available": [ "All Apple Watch models", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Jihui Lu of Tencent KeenLab, Yu Zhou of Ant-financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4194", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "CoreGraphics", "rsr": "", "update": "June 21, 2018" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "xisigr of Tencent's Xuanwu Lab (www.tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4195", "impact": "Visiting a malicious website by clicking a link may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT209109" ], "module": "Safari", "rsr": "", "update": "September 24, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Alex Plaskett, Georgi Geshev and Fabian Beterke of MWR Labs working with Trend Micro\u2019s Zero Day Initiative, and WanderingGlitch of Trend Micro Zero Day Initiative", "description": "An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management.", "id": "CVE-2018-4196", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Accessibility Framework", "rsr": "", "update": "July 19, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4197", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Hunter Byrnes", "description": "A validation issue existed in the handling of text. This issue was addressed with improved validation of text.", "id": "CVE-2018-4198", "impact": "Processing a maliciously crafted text file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Alex Plaskett, Georgi Geshev, and Fabi Beterke of MWR Labs working with Trend Micro\u2019s Zero Day Initiative", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2018-4199", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "June 14, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4200", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208741", "https://support.apple.com/en-us/HT208743", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4201", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Jerry Decime", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2018-4202", "impact": "An attacker in a privileged network position may be able to spoof password prompts in iBooks", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849" ], "module": "iBooks", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2018-4203", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Symptom Framework", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4204", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208741", "https://support.apple.com/en-us/HT208743", "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4205", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208854" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved error handling.", "id": "CVE-2018-4206", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208742", "https://support.apple.com/en-us/HT208743", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4207", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4208", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4209", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "An array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.", "id": "CVE-2018-4210", "impact": "Unexpected interaction with indexing types caused a failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2018-4211", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4212", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4213", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208694", "https://support.apple.com/en-us/HT208695", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT208697", "https://support.apple.com/en-us/HT208698" ], "module": "WebKit", "rsr": "", "update": "May 1, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4214", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2018-4215", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "A logic issue existed in the handling of call URLs. This issue was addressed with improved state management.", "id": "CVE-2018-4216", "impact": "A malicious application may be able to bypass the call confirmation prompt", "links": [ "https://support.apple.com/en-us/HT208938" ], "module": "Phone", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Jacob Greenfield of Commonwealth School", "description": "A privacy issue in the handling of Open Directory records was addressed with improved indexing.", "id": "CVE-2018-4217", "impact": "A malicious application may be able to access local users AppleIDs", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Identity Services", "rsr": "", "update": "December 10, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4218", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2018-4219", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Ubuntu 14.04" ], "credit": "Apple", "description": "An issue existed in specific versions of Swift on Ubuntu 14.04 where libraries are loaded with write and execute permissions. This issue was addressed with improved permissions.", "id": "CVE-2018-4220", "impact": "A process may gain admin privileges and execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT208804" ], "module": "Swift for Ubuntu", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Damian Poddebniak of M\u00fcnster University of Applied Sciences, Christian Dresen of M\u00fcnster University of Applied Sciences, Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of M\u00fcnster University of Applied Sciences, Sebastian Schinzel of M\u00fcnster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, J\u00f6rg Schwenk of Ruhr University Bochum", "description": "An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates.", "id": "CVE-2018-4221", "impact": "Users may be tracked by malicious websites using client certificates", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4222", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2018-4223", "impact": "A local user may be able to read a persistent account identifier", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2018-4224", "impact": "A local user may be able to read a persistent device identifier", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2018-4225", "impact": "A local user may be able to modify the state of the Keychain", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2018-4226", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Damian Poddebniak of M\u00fcnster University of Applied Sciences, Christian Dresen of M\u00fcnster University of Applied Sciences, Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of M\u00fcnster University of Applied Sciences, Sebastian Schinzel of M\u00fcnster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, J\u00f6rg Schwenk of Ruhr University Bochum", "description": "An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail.", "id": "CVE-2018-4227", "impact": "An attacker may be able to exfiltrate the contents of S/MIME- encrypted e-mail", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Benjamin Gnahm (@mitp0sh) of Mentor Graphics", "description": "A race condition was addressed with improved locking.", "id": "CVE-2018-4228", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "IOFireWireAVC", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg", "description": "An issue existed in parsing entitlement plists. This issue was addressed with improved input validation.", "id": "CVE-2018-4229", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Grand Central Dispatch", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed with improved locking.", "id": "CVE-2018-4230", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "NVIDIA Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher, Aymeric Chaib", "description": "A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.", "id": "CVE-2018-4232", "impact": "Visiting a maliciously crafted website may lead to cookies being overwritten", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Samuel Gro\u00df (@5aelo) working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4233", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4234", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Anurodh Pokharel of Salesforce.com", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2018-4235", "impact": "A local user may be able to conduct impersonation attacks", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4236", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Samuel Gro\u00df (@5aelo) working with Trend Micro\u2019s Zero Day Initiative", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4237", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Baljinder Singh, Muhammad khizer javed, Onur Can BIKMAZ (@CanBkmaz) of Mustafa Kemal University", "description": "An issue existed with Siri permissions. This was addressed with improved permission checking.", "id": "CVE-2018-4238", "impact": "A person with physical access to an iOS device may be able to enable Siri from the lock screen", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A permissions issue existed in Magnifier. This was addressed with additional permission checks.", "id": "CVE-2018-4239", "impact": "A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Magnifier", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd", "description": "This issue was addressed with improved message validation.", "id": "CVE-2018-4240", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2018-4241", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4", "macOS Sierra 10.12.6" ], "credit": "Zhuo Liang of Qihoo 360 Nirvan Team", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2018-4242", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT209193" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2018-4243", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "An issue existed with Siri permissions. This was addressed with improved permission checking.", "id": "CVE-2018-4244", "impact": "An attacker with physical access to a device may be able to see private contact information", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Siri Contacts", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2018-4246", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208852", "https://support.apple.com/en-us/HT208853", "https://support.apple.com/en-us/HT208854" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Fran\u00e7ois Renaud, Jesse Viviano of Verizon Enterprise Solutions", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2018-4247", "impact": "A malicious website may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208854" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.5" ], "credit": "Brandon Azad", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4248", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT208938" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4" ], "credit": "Kevin Backhouse of Semmle Ltd.", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4249", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "Kernel", "rsr": "", "update": "December 18, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Metehan Y\u0131lmaz of Sesim Sarpkaya", "description": "This issue was addressed with improved message validation.", "id": "CVE-2018-4250", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Maxim Goryachy and Mark Ermolov", "description": "A device configuration issue was addressed with an updated configuration.", "id": "CVE-2018-4251", "impact": "A malicious application with root privileges may be able to modify the EFI flash memory region", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "Firmware", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Hunter Byrnes, Martin Winkelmann (@Winkelmannnn)", "description": "An issue existed with Siri permissions. This was addressed with improved permission checking.", "id": "CVE-2018-4252", "impact": "A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2018-4253", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "an anonymous researcher", "description": "An input validation issue existed in the kernel. This issue was addressed with improved input validation.", "id": "CVE-2018-4254", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AMD", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4255", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AMD", "rsr": "", "update": "October 18, 2018, updated December 14, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4256", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AMD", "rsr": "", "update": "July 19, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2018-4257", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AppleGraphicsPowerManagement", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2018-4258", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "AppleGraphicsControl", "rsr": "", "update": "October 18, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Kevin Backhouse of Semmle and LGTM.com", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4259", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4260", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Omair working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4261", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Mateusz Krzywicki working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4262", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Arayz working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4263", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4264", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "cc working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4265", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A race condition was addressed with additional validation.", "id": "CVE-2018-4266", "impact": "A malicious website may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Arayz of Pangu team working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4267", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "Mac working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4268", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "Windows 7 and later" ], "credit": "Abraham Masri (@cheesecakeufo)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4269", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208937" ], "module": "CoreCrypto", "rsr": "", "update": "October 24, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4270", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-4271", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4272", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-4273", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.5" ], "credit": "Tomasz Bojarski", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2018-4274", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "October 30, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4275", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT208938" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5" ], "credit": "Jakub Jirasek of Secunia Research at Flexera", "description": "A null pointer dereference was addressed with improved validation.", "id": "CVE-2018-4276", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "CUPS", "rsr": "", "update": "September 25, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.5" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2018-4277", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208854", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT208938" ], "module": "LinkPresentation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.", "id": "CVE-2018-4278", "impact": "A malicious website may exfiltrate audio data cross-origin", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6" ], "credit": "Ruilin Yang, Xu Taoyu (xia0yu.win)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4279", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208934" ], "module": "Safari", "rsr": "", "update": "October 30, 2018" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4280", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT208938" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12 and later, Ubuntu 14.04 and later" ], "credit": "Apple", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2018-4281", "impact": "A remote attacker may be able to overwrite arbitrary memory", "links": [ "https://support.apple.com/en-us/HT208921" ], "module": "SwiftNIO", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2018-4282", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "Kernel", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "@panicaII working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2018-4283", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "found by OSS-Fuzz", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2018-4284", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208938" ], "module": "WebKit", "rsr": "", "update": "August 1, 2019" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2018-4285", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Kevin Backhouse of Semmle and LGTM.com", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4286", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Kevin Backhouse of Semmle and LGTM.com", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4287", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Kevin Backhouse of Semmle and LGTM.com", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4288", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "shrek_wzw of Qihoo 360 Nirvan Team", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2018-4289", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Patrick Wardle of Digita Security", "description": "A denial of service issue was addressed with improved memory handling.", "id": "CVE-2018-4290", "impact": "Processing an emoji under certain configurations may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208938" ], "module": "Emoji", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Kevin Backhouse of Semmle and LGTM.com", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4291", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.5" ], "credit": "an anonymous researcher", "description": "A cookie management issue was addressed with improved checks.", "id": "CVE-2018-4293", "impact": "Cookies may unexpectedly persist in Safari", "links": [ "https://support.apple.com/en-us/HT208932", "https://support.apple.com/en-us/HT208933", "https://support.apple.com/en-us/HT208935", "https://support.apple.com/en-us/HT208936", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT208938" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Jianjun Chen (@whucjj) from Tsinghua University and UC Berkeley", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2018-4295", "impact": "A remote attacker may be able to attack AFP servers through HTTP clients", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "afpserver", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Vitaly Cheptsov", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4296", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "macOS High Sierra 10.13.3", "macOS Sierra 10.12.6" ], "credit": "Tim van der Werff of SupCloud", "description": "A permissions issue existed in Remote Management. This issue was addressed through improved permission validation.", "id": "CVE-2018-4298", "impact": "A remote user may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT208465", "https://support.apple.com/en-us/HT208692" ], "module": "Remote Management", "rsr": "", "update": "July 19, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Samuel Gro\u03b2 (saelo) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4299", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.1" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2018-4303", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Airport", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "jianan.huang (@Sevck)", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2018-4304", "impact": "Processing a maliciously crafted text file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jerry Decime", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2018-4305", "impact": "An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4306", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Rafay Baloch of Pakistan Telecommunications Authority", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2018-4307", "impact": "A malicious website may be able to exfiltrate autofilled data in Safari", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209109" ], "module": "Safari", "rsr": "", "update": "September 24, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2018-4308", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.", "id": "CVE-2018-4309", "impact": "A malicious website may be able to execute scripts in the context of another website", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2018-4310", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Erling Alf Ellingsen (@steike)", "description": "The issue was addressed by removing origin information.", "id": "CVE-2018-4311", "impact": "Cross-origin SecurityErrors includes the accessed frame\u2019s origin", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4312", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah M\u00fcr\u015fide \u00d6z\u00fcnenek Anadolu Lisesi - Ankara/T\u00fcrkiye, Mehmet Ferit Da\u015ftan of Van Y\u00fcz\u00fcnc\u00fc Y\u0131l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU)", "description": "A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of application snapshots.", "id": "CVE-2018-4313", "impact": "A local user may be able to discover websites a user has visited", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4314", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4315", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4316", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4317", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4318", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "John Pettitt of Google", "description": "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins.", "id": "CVE-2018-4319", "impact": "A malicious website may cause unexepected cross-origin behavior", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4321", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2018-4322", "impact": "A local app may be able to read a persistent account identifier", "links": [ "https://support.apple.com/en-us/HT209106" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4323", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Sergii Kryvoblotskyi of MacPaw Inc.", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4324", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brian Adeloye", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2018-4325", "impact": "A person with physical access to an iOS device may be able to determine the last used app from the lock screen", "links": [ "https://support.apple.com/en-us/HT209106" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4326", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "mDNSOffloadUserClient", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4327", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208938" ], "module": "Core Bluetooth", "rsr": "", "update": "August 8, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4328", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Hugo S. Diaz (coldpointblue)", "description": "Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion.", "id": "CVE-2018-4329", "impact": "A user may be unable to delete browsing history items", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209109" ], "module": "Safari", "rsr": "", "update": "September 24, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4330", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208848" ], "module": "Core Bluetooth", "rsr": "", "update": "August 8, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4331", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4332", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4333", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4334", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4335", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4336", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ian Beer of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4337", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Lee @ SECLAB, Yonsei University working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4338", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Michael Thomas (@NSBiscuit)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2018-4339", "impact": "A local user may be able to read a persistent device identifier", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "Bluetooth", "rsr": "", "update": "June 24, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4340", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4341", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Timothy Perfitt of Twocanoes Software", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2018-4342", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Brandon Azad", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4343", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4344", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.", "id": "CVE-2018-4345", "impact": "A malicious website may exfiltrate image data cross-origin", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "December 18, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A validation issue existed which allowed local file access. This was addressed with input sanitization.", "id": "CVE-2018-4346", "impact": "Parsing a maliciously crafted dictionary file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Dictionary", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Vasyl Tkachuk of Readdle", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2018-4347", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "CoreText", "rsr": "", "update": "October 30, 2018, updated December 18, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Ken Gannon of MWR InfoSecurity and Christian Demko of MWR InfoSecurity", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2018-4348", "impact": "A local user may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.6" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4350", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Appology Team @ Theori working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4351", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Utku Altinkaynak", "description": "A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions.", "id": "CVE-2018-4352", "impact": "A local user may be able to discover a user\u2019s deleted notes", "links": [ "https://support.apple.com/en-us/HT209106" ], "module": "Notes", "rsr": "", "update": "October 30, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Abhinav Bansal of LinkedIn Inc.", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4353", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4354", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "evi1m0 of bilibili security team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4355", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2018-4356", "impact": "An app may be able to learn information about the current camera view before being granted camera access", "links": [ "https://support.apple.com/en-us/HT209106" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6 or later" ], "credit": "found by OSS-Fuzz", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4357", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209135" ], "module": "LLVM", "rsr": "", "update": "October 24, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "@phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4358", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Samuel Gro\u00df (@5aelo)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4359", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "William Bowling (@wcbowling)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4360", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "October 24, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "found by OSS-Fuzz", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2018-4361", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "January 22, 2019" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jun Kokatsu (@shhnjk)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4362", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT208934", "https://support.apple.com/en-us/HT209106" ], "module": "SafariViewController", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Ian Beer of Google Project Zero", "description": "An input validation issue existed in the kernel. This issue was addressed with improved input validation.", "id": "CVE-2018-4363", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2018-4365", "impact": "Processing a maliciously crafted vcf file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4366", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4367", "impact": "A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2018-4368", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2018-4369", "impact": "Connecting to a VPN server may leak DNS queries to a DNS proxy", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan Security Group", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4371", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "IPSec", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4372", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "ngg, alippai, DirtYiCE, KT of Tresorit working with Trend Micro\u2019s Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4373", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4374", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "Yu Haiwan and Wu Hongjun From Nanyang Technological University working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4375", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "010 working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4376", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.", "id": "CVE-2018-4377", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea, zhunki of 360 ESG Codesafe Team", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2018-4378", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "November 16, 2018" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2018-4379", "impact": "A local attacker may be able to share items from the lock screen", "links": [ "https://support.apple.com/en-us/HT209162" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2018-4380", "impact": "A local attacker may be able to view photos and contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT209162" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Angel Ramirez", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2018-4381", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "Mail", "rsr": "", "update": "January 22, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4382", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Apple", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4383", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Natalie Silvanovich of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4384", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209195" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2018-4385", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4386", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.", "id": "CVE-2018-4387", "impact": "A local attacker may be able to view photos from the lock screen", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2018-4388", "impact": "A local attacker may be able to share items from the lock screen", "links": [ "https://support.apple.com/en-us/HT209192" ], "module": "Notes", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS Mojave 10.14" ], "credit": "Dropbox Offensive Security Team, Theodor Ragnar Gislason of Syndis", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4389", "impact": "Processing a maliciously crafted mail message may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4390", "impact": "Processing a maliciously crafted text message may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT209192" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "All Apple Watch models", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2018-4391", "impact": "Processing a maliciously crafted text message may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT208693", "https://support.apple.com/en-us/HT208696", "https://support.apple.com/en-us/HT209192" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "zhunki of 360 ESG Codesafe Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4392", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Lufeng Li", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4393", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14, macOS Sierra 10.12.6" ], "credit": "Erik Verbruggen of The Qt Company", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4394", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209197" ], "module": "ICU", "rsr": "", "update": "December 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Patrick Wardle of Digita Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2018-4395", "impact": "A local user may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.6" ], "credit": "Yu Wang of Didi Research America", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4396", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iOS 11.0 and later" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS.", "id": "CVE-2018-4397", "impact": "An attacker in a privileged network position may be able to intercept analytics data sent to Apple", "links": [ "https://support.apple.com/en-us/HT209117" ], "module": "Analytics", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum", "description": "An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes.", "id": "CVE-2018-4398", "impact": "An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "CoreCrypto", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6" ], "credit": "Fabiano Anemone (@anoane)", "description": "An access issue existed with privileged API calls. This issue was addressed with additional restrictions.", "id": "CVE-2018-4399", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Yukinobu Nagayasu of LAC Co., Ltd.", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2018-4400", "impact": "Processing a maliciously crafted S/MIME signed message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209195" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4401", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "IOUserEthernet", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4402", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14" ], "credit": "Patrick Wardle of Digita Security", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2018-4403", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "Dock", "rsr": "", "update": "February 15, 2019" }, { "available": [ "All Apple Watch models", "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.4" ], "credit": "Samuel Gro\u00df (@5aelo) working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4404", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851" ], "module": "libxpc", "rsr": "", "update": "October 30, 2018" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Michael Hanselmann of hansmi.ch", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2018-4406", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Kevin Backhouse of Semmle Ltd.", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2018-4407", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4408", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "IOHIDFamily", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2018-4409", "impact": "A malicious website may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4410", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4411", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4412", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141", "https://support.apple.com/en-us/HT209193" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Juwei Lin (@panicaII) of TrendMicro Mobile Security Team", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4413", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4414", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "CoreFoundation", "rsr": "", "update": "October 30, 2018" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Liang Zhuo working with Beyond Security\u2019s SecuriTeam Secure Disclosure", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4415", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4416", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195", "https://support.apple.com/en-us/HT209196", "https://support.apple.com/en-us/HT209197", "https://support.apple.com/en-us/HT209198" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.6" ], "credit": "Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4417", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.6" ], "credit": "Yu Wang of Didi Research America", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4418", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4419", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2018-4420", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209194", "https://support.apple.com/en-us/HT209195" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4421", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209193", "https://support.apple.com/en-us/HT209341" ], "module": "Intel Graphics Driver", "rsr": "", "update": "December 21, 2018" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4422", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14, macOS Sierra 10.12.6" ], "credit": "Youfu Zhang of Chaitin Security Research Lab (@ChaitinTech)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4423", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "dyld", "rsr": "", "update": "November 16, 2018" }, { "available": [ "macOS Mojave 10.14" ], "credit": "Dr. Silvio Cesare of InfoSect", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2018-4424", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4425", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4426", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209193" ], "module": "Grand Central Dispatch", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Pangu Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4427", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209192", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2018-4428", "impact": "A local attacker may be able to share items from the lock screen", "links": [ "https://support.apple.com/en-us/HT209340" ], "module": "VoiceOver", "rsr": "", "update": "January 22, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Victor Le Pochat of imec-DistriNet, KU Leuven", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2018-4429", "impact": "Processing a maliciously crafted email may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209343" ], "module": "LinkPresentation", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "videosdebarraquito", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2018-4430", "impact": "A local attacker may be able to view contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT209340" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.1", "macOS Mojave 10.14.1, macOS High Sierra 10.13.6" ], "credit": "An independent security researcher has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4431", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "June 24, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Vitaly Cheptsov", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4433", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "macOS Mojave 10.14.1" ], "credit": "Zhuo Liang of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2018-4434", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.1, macOS High Sierra 10.13.6" ], "credit": "Jann Horn of Google Project Zero, Juwei Lin(@panicaII) and Junzhi Lu of TrendMicro Mobile Security Team working with Trend Micro's Zero Day Initiative", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2018-4435", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "December 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "James Seeley @Code4iOS, Joseph S. of JJS Securities", "description": "A certificate validation issue existed in configuration profiles. This was addressed with additional checks.", "id": "CVE-2018-4436", "impact": "An untrusted configuration profile may be incorrectly displayed as verified", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Profiles", "rsr": "", "update": "December 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4437", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "lokihardt of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2018-4438", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "January 22, 2019" }, { "available": [ "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "xisigr of Tencent's Xuanwu Lab (tencent.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2018-4439", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "Wenxu Wu of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2018-4440", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "lokihardt of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4441", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "lokihardt of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4442", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "lokihardt of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4443", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "James Lee (@Windowsrcer) of S2SWWW.com", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2018-4444", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345" ], "module": "WebKit", "rsr": "", "update": "April 3, 2019, updated September 17, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "William Breuer", "description": "\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion.", "id": "CVE-2018-4445", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209344" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2018-4446", "impact": "A malicious application may be able to learn information about the presence of other applications on the device", "links": [ "https://support.apple.com/en-us/HT209340" ], "module": "File Provider", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.1, macOS High Sierra 10.13.6" ], "credit": "Juwei Lin(@panicaII) and Zhengyu Dong of TrendMicro Mobile Security Team working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4447", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "December 18, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.1, macOS High Sierra 10.13.6" ], "credit": "Brandon Azad", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4448", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "June 24, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1" ], "credit": "Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4449", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1" ], "credit": "Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4450", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4451", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "macOS Mojave 10.14.1" ], "credit": "Liu Long of Qihoo 360 Vulcan Team", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2018-4452", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "Intel Graphics Driver", "rsr": "", "update": "January 22, 2019" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4456", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209139", "https://support.apple.com/en-us/HT209341" ], "module": "Intel Graphics Driver", "rsr": "", "update": "December 21, 2018, updated January 22, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.1" ], "credit": "Kevin Backhouse of Semmle Security Research Team", "description": "A denial of service issue was addressed by removing the vulnerable code.", "id": "CVE-2018-4460", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.1" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4461", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS Mojave 10.14.1, macOS High Sierra 10.13.6" ], "credit": "cocoahuke, Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-4462", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "AMD", "rsr": "", "update": "December 21, 2018" }, { "available": [ "macOS Mojave 10.14.1" ], "credit": "Maksymilian Arciemowicz (cxsecurity.com)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4463", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "Carbon Core", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1" ], "credit": "HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2018-4464", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209342", "https://support.apple.com/en-us/HT209343", "https://support.apple.com/en-us/HT209344", "https://support.apple.com/en-us/HT209345", "https://support.apple.com/en-us/HT209346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1" ], "credit": "Pangu Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4465", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209340", "https://support.apple.com/en-us/HT209341" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.1" ], "credit": "Martim Carbone, David Vernet, Sam Scalise, and Fred Jacobs of the Virtual Machine Monitor Group of VMware, Inc.", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4467", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209341" ], "module": "Hypervisor", "rsr": "", "update": "January 22, 2019" }, { "available": [ "macOS Mojave 10.14" ], "credit": "Jeff Johnson of underpassapp.com", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2018-4468", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT209193" ], "module": "Automator", "rsr": "", "update": "February 15, 2019" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "Jacob Greenfield of Commonwealth School", "description": "A privacy issue in the handling of Open Directory records was addressed with improved indexing.", "id": "CVE-2018-4470", "impact": "A malicious application may be able to access local users AppleIDs", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "Accounts", "rsr": "", "update": "December 10, 2018" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14" ], "credit": "found by OSS-Fuzz", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2018-4474", "impact": "Unexpected interaction causes an ASSERT failure", "links": [ "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209108", "https://support.apple.com/en-us/HT209109", "https://support.apple.com/en-us/HT209140", "https://support.apple.com/en-us/HT209141" ], "module": "WebKit", "rsr": "", "update": "January 22, 2019" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "an anonymous researcher, an anonymous researcher, Ben Erickson of Trusted Computer Consulting, LLC", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2018-4478", "impact": "An attacker with physical access to a device may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "EFI", "rsr": "", "update": "February 15, 2019" }, { "available": [ "Apple TV (4th generation)", "Apple TV 4K", "MacBook Pro (15-inch, 2018) and MacBook Pro (13-inch, 2018, Four Thunderbolt 3 Ports)", "MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro (Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015), MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016), MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports), MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports), MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports), MacBook (Retina, 12-inch, Early 2016), MacBook (Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017), iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac (Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015), iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and iMac (21.5-inch, 2017)", "Not impacted: Apple Watch Series 3", "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)", "iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation", "iPhone X, iPhone 8, iPhone 8 Plus, iPad 6th generation, and iPad Air 2" ], "credit": "Lior Neumann and Eli Biham", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2018-5383", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT208848", "https://support.apple.com/en-us/HT208849", "https://support.apple.com/en-us/HT208850", "https://support.apple.com/en-us/HT208851", "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209106", "https://support.apple.com/en-us/HT209107", "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "Brian Carpenter", "description": "Multiple issues in Perl were addressed with improved memory handling.", "id": "CVE-2018-6797", "impact": "Multiple buffer overflow issues existed in Perl", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5" ], "credit": "GwanYeong Kim", "description": "Multiple issues in Perl were addressed with improved memory handling.", "id": "CVE-2018-6913", "impact": "Multiple buffer overflow issues existed in Perl", "links": [ "https://support.apple.com/en-us/HT208937" ], "module": "Perl", "rsr": "", "update": "October 30, 2018" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2018-6914", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.4" ], "credit": "Wei Lei and Liu Yang of Nanyang Technological University", "description": "This issue was addressed by updating to php version 7.1.16.", "id": "CVE-2018-7584", "impact": "Issues in php were addressed in this update", "links": [ "https://support.apple.com/en-us/HT208849" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2018-8777", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2018-8778", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2018-8779", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.5", "macOS Sierra 10.12.6" ], "credit": "", "description": "Multiple issues in Ruby were addressed in this update.", "id": "CVE-2018-8780", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT208937", "https://support.apple.com/en-us/HT209193" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "OS X El Capitan 10.11.6, macOS Sierra 10.12.6", "macOS High Sierra 10.13.4" ], "credit": "Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC", "description": "In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes.", "id": "CVE-2018-8897", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT208742", "https://support.apple.com/en-us/HT208849" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012), iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012), Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)" ], "credit": "Arun Sharma of VMWare", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8643", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209139" ], "module": "Bluetooth", "rsr": "", "update": "October 23, 2018" } ] ================================================ FILE: 2018/README.md ================================================ # Apple CVE 2018 * data source: https://support.apple.com/en-us/HT201222 * [2018.json](2018.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 97 | | 2 | Kernel | 40 | | 3 | Bluetooth | 31 | | 4 | Safari | 13 | | 5 | Ruby | 11 | | 6 | Security | 10 | | 7 | Intel Graphics Driver | 10 | | 8 | CUPS | 7 | | 9 | Wi-Fi | 6 | | 10 | AMD | 6 | | 11 | EFI | 5 | | 12 | Mail | 5 | | 13 | ATS | 5 | | 14 | Messages | 5 | | 15 | Notes | 4 | | 16 | Core Bluetooth | 4 | | 17 | CoreFoundation | 4 | | 18 | libxpc | 4 | | 19 | Hypervisor | 3 | | 20 | IOHIDFamily | 3 | | 21 | CoreText | 3 | | 22 | WindowServer | 3 | | 23 | Disk Images | 3 | | 24 | LinkPresentation | 3 | | 25 | IOGraphics | 3 | | 26 | AppleGraphicsControl | 3 | | 27 | IOKit | 3 | | 28 | FaceTime | 3 | | 29 | VoiceOver | 3 | | 30 | APR | 2 | | 31 | CPU | 2 | | 32 | WebKit Page Loading | 2 | | 33 | curl | 2 | | 34 | Git | 2 | | 35 | Contacts | 2 | | 36 | APFS | 2 | | 37 | CFNetwork | 2 | | 38 | NVIDIA Graphics Drivers | 2 | | 39 | Telephony | 2 | | 40 | SafariViewController | 2 | | 41 | Quick Look | 2 | | 42 | LLVM | 2 | | 43 | Status Bar | 2 | | 44 | Grand Central Dispatch | 2 | | 45 | Siri | 2 | | 46 | CoreCrypto | 2 | | 47 | Accounts | 2 | | 48 | Safari Reader | 2 | | 49 | Perl | 2 | | 50 | CoreTypes | 1 | | 51 | SIP | 1 | | 52 | libxml2 | 1 | | 53 | Microcode | 1 | | 54 | Touch Bar Support | 1 | | 55 | QuartzCore | 1 | | 56 | Sandbox | 1 | | 57 | Audio | 1 | | 58 | Terminal | 1 | | 59 | PDFKit | 1 | | 60 | Disk Management | 1 | | 61 | Graphics Driver | 1 | | 62 | Web App | 1 | | 63 | System Preferences | 1 | | 64 | Clock | 1 | | 65 | IOFireWireFamily | 1 | | 66 | Safari Login AutoFill | 1 | | 67 | kext tools | 1 | | 68 | iCloud Drive | 1 | | 69 | Storage | 1 | | 70 | PluginKit | 1 | | 71 | Graphics Drivers | 1 | | 72 | CFNetwork Session | 1 | | 73 | File System Events | 1 | | 74 | Files Widget | 1 | | 75 | Admin Framework | 1 | | 76 | Find My iPhone | 1 | | 77 | LaunchServices | 1 | | 78 | Apple TV App | 1 | | 79 | DesktopServices | 1 | | 80 | Local Authentication | 1 | | 81 | Speech | 1 | | 82 | Safari Downloads | 1 | | 83 | Windows Server | 1 | | 84 | CoreGraphics | 1 | | 85 | Accessibility Framework | 1 | | 86 | UIKit | 1 | | 87 | iBooks | 1 | | 88 | Symptom Framework | 1 | | 89 | Crash Reporter | 1 | | 90 | FontParser | 1 | | 91 | Phone | 1 | | 92 | Identity Services | 1 | | 93 | Swift for Ubuntu | 1 | | 94 | IOFireWireAVC | 1 | | 95 | Magnifier | 1 | | 96 | Siri Contacts | 1 | | 97 | Firmware | 1 | | 98 | AppleGraphicsPowerManagement | 1 | | 99 | SwiftNIO | 1 | | 100 | Emoji | 1 | | 101 | afpserver | 1 | | 102 | Remote Management | 1 | | 103 | Airport | 1 | | 104 | Foundation | 1 | | 105 | iTunes Store | 1 | | 106 | MediaRemote | 1 | | 107 | mDNSOffloadUserClient | 1 | | 108 | Heimdal | 1 | | 109 | IOMobileFrameBuffer | 1 | | 110 | Dictionary | 1 | | 111 | Login Window | 1 | | 112 | CoreMedia | 1 | | 113 | NetworkExtension | 1 | | 114 | IPSec | 1 | | 115 | AppleAVD | 1 | | 116 | Spotlight | 1 | | 117 | ICU | 1 | | 118 | Analytics | 1 | | 119 | IOUserEthernet | 1 | | 120 | Dock | 1 | | 121 | CoreAnimation | 1 | | 122 | dyld | 1 | | 123 | Profiles | 1 | | 124 | File Provider | 1 | | 125 | Carbon Core | 1 | | 126 | Automator | 1 | | 127 | apache_mod_php | 1 | ================================================ FILE: 2019/2019.json ================================================ [ { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2012-1164", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2012-2668", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2013-4449", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2015-1545", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Ben Seri and Gregory Vishnepolsky of Armis", "description": "An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.", "id": "CVE-2017-14315", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210121" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2017-16808", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Gal Beniamini of Google Project Zero", "description": "A stack buffer overflow was addressed through improved input validation.", "id": "CVE-2017-6975", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT210121" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Oliver Paukstadt of Thinking Objects GmbH (to.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2017-7152", "impact": "Processing a maliciously contact may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210724" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "Apple TV (3rd generation)" ], "credit": "Nitay Artenstein of Exodus Intelligence", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2017-9417", "impact": "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip", "links": [ "https://support.apple.com/en-us/HT210121" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-10103", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-10105", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Jakub Wilk", "description": "Multiple issues in Perl were addressed in this update.", "id": "CVE-2018-12015", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Lei Shi - Qihoo 360 CERT; Marina Minkin; Daniel Genkin from University of Michigan; and Yuval Yarom from University of Adelaide", "description": "Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at https://support.apple.com/kb/HT210107.", "id": "CVE-2018-12126", "impact": "Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Microcode", "rsr": "", "update": "May 14, 2019" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Brandon Falk from Microsoft Windows Platform Security Team; and Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel", "description": "Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at https://support.apple.com/kb/HT210107.", "id": "CVE-2018-12127", "impact": "Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Microcode", "rsr": "", "update": "May 14, 2019" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Giorgi Maisuradze from Microsoft Research; Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology; Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida from VUSec group at VU Amsterdam; Volodymyr Pikhur; and Dan Horea Lutas from BitDefender", "description": "Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at https://support.apple.com/kb/HT210107.", "id": "CVE-2018-12130", "impact": "Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Microcode", "rsr": "", "update": "May 14, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Piotr Bania of Cisco Talos", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-12152", "impact": "Processing a malicious shader may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Graphics", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Piotr Bania of Cisco Talos", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-12153", "impact": "Processing a malicious shader may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Graphics", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Piotr Bania of Cisco Talos", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-12154", "impact": "Processing a malicious shader may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Graphics", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14461", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14462", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14463", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14464", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14465", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14466", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14467", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14468", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14469", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14470", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14879", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14880", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14881", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-14882", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16227", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16228", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16229", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16230", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16300", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16301", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16451", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2018-16452", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5" ], "credit": "Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2018-16860", "impact": "An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Jayakrishna Menon", "description": "Multiple issues in Perl were addressed in this update.", "id": "CVE-2018-18311", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Eiichi Tsukata", "description": "Multiple issues in Perl were addressed in this update.", "id": "CVE-2018-18313", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5" ], "credit": "", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-19860", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Tencent Blade Team", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-20346", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Tencent Blade Team", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-20505", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Tencent Blade Team", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2018-20506", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Vitaly Cheptsov", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2018-4433", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "libmalloc", "rsr": "", "update": "August 1, 2019, updated September 17, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Brandon Azad", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2018-4448", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Kernel", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Liu Long of Qihoo 360 Vulcan Team", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2018-4452", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209446" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6" ], "credit": "Tyler Bohan of Cisco Talos", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2018-4456", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6 or later" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-4461", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209606" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Martim Carbone, David Vernet, Sam Scalise, and Fred Jacobs of the Virtual Machine Monitor Group of VMware, Inc.", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2018-4467", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209446" ], "module": "Hypervisor", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Maxime Villard", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2018-6918", "impact": "A remote attacker may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 7.3.8.", "id": "CVE-2019-11041", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "apache_mod_php", "rsr": "", "update": "February 11, 2020" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 7.3.8.", "id": "CVE-2019-11042", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "apache_mod_php", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; and Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology", "description": "Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at https://support.apple.com/kb/HT210107.", "id": "CVE-2019-11091", "impact": "Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Microcode", "rsr": "", "update": "May 14, 2019" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2019-13057", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5" ], "credit": "found by OSS-Fuzz", "description": "A stack overflow was addressed with improved input validation.", "id": "CVE-2019-13118", "impact": "A remote attacker may be able to view sensitive information", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pedro Sampaio", "description": "An input validation issue was addressed.", "id": "CVE-2019-1348", "impact": "Git could allow a remote malicious user to bypass security restrictions, caused by a flaw in the --export-marks option of git fast-import", "links": [ "https://support.apple.com/en-us/HT210729" ], "module": "Git", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenLDAP version 2.4.28.", "id": "CVE-2019-13565", "impact": "Multiple issues in OpenLDAP", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "OpenLDAP", "rsr": "", "update": "February 3, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Milos Cermak at ESET", "description": "A logic issue existed in the handling of state transitions. This was addressed with improved state management.", "id": "CVE-2019-15126", "impact": "An attacker in Wi-Fi range may be able to view a small amount of network traffic", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210788" ], "module": "Wi-Fi", "rsr": "", "update": "February 27, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to libpcap version 1.9.1", "id": "CVE-2019-15161", "impact": "Multiple issues in libpcap", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "libpcap", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to libpcap version 1.9.1", "id": "CVE-2019-15162", "impact": "Multiple issues in libpcap", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "libpcap", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to libpcap version 1.9.1", "id": "CVE-2019-15163", "impact": "Multiple issues in libpcap", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "libpcap", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to libpcap version 1.9.1", "id": "CVE-2019-15164", "impact": "Multiple issues in libpcap", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "libpcap", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "Multiple issues were addressed by updating to libpcap version 1.9.1", "id": "CVE-2019-15165", "impact": "Multiple issues in libpcap", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "libpcap", "rsr": "", "update": "April 4, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2019-15166", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "", "description": "Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1", "id": "CVE-2019-15167", "impact": "Multiple issues in tcpdump", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "tcpdump", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Joonun Jang", "description": "This issue was addressed by updating to expat version 2.2.8.", "id": "CVE-2019-15903", "impact": "Parsing a maliciously crafted XML file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Matt Beaver and Erik Peterson of Microsoft Corp.", "description": "This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.", "id": "CVE-2019-2102", "impact": "Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120" ], "module": "Bluetooth", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Chris Coulson", "description": "Multiple issues were addressed by updating to version 2.16.", "id": "CVE-2019-3855", "impact": "Multiple issues in libssh2", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "IDE SCM", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Apple", "description": "A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.", "id": "CVE-2019-5608", "impact": "A remote attacker may be able to alter network traffic data", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "August 6, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-6200", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "dwfault working with ADLab of Venustech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6201", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "June 24, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-6202", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209448" ], "module": "Core Media", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Dominic White of SensePost (@singe)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-6203", "impact": "An attacker in a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601" ], "module": "802.1X", "rsr": "", "update": "April 15, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-6204", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209603" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved lock state checking.", "id": "CVE-2019-6205", "impact": "A malicious application may cause unexpected changes in memory shared between processes", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Sergey Pershenkov", "description": "An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management.", "id": "CVE-2019-6206", "impact": "Password autofill may fill in passwords after they were manually cleared", "links": [ "https://support.apple.com/en-us/HT209443" ], "module": "Keyboard", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan)", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2019-6207", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-6208", "impact": "A malicious application may cause unexpected changes in memory shared between processes", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Brandon Azad of Google Project Zero", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2019-6209", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Ned Williamson of Google", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-6210", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Georgi Geshev (@munmap), Fabi Beterke (@pwnfl4k3s), and Rob Miller (@trotmaster99) of MWR Labs (@mwrlabs) working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-6211", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6212", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "February 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-6213", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2019-6214", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Lokihardt of Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2019-6215", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6216", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "February 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6217", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "February 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-6218", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Authier Thomas", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2019-6219", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209448" ], "module": "Natural Language Processing", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Yufeng Ruan of Chaitin Security Research Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-6220", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209446" ], "module": "QuartzCore", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-6221", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209450" ], "module": "Core Media", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Denis Markov of Resonance Software", "description": "A consistency issue was addressed with improved state handling.", "id": "CVE-2019-6222", "impact": "A website may be able to access the microphone without the microphone use indicator being shown", "links": [ "https://support.apple.com/en-us/HT209599" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Grant Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX", "description": "A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.", "id": "CVE-2019-6223", "impact": "The initiator of a Group FaceTime call may be able to cause the recipient to answer", "links": [ "https://support.apple.com/en-us/HT209520", "https://support.apple.com/en-us/HT209521" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "natashenka of Google Project Zero", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2019-6224", "impact": "A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Brandon Azad of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-6225", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6226", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "February 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Qixun Zhao of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-6227", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.", "id": "CVE-2019-6228", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209449" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-6229", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-6230", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.2" ], "credit": "Zhuo Liang of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-6231", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Stefan Kanthak (eskamation.de)", "description": "A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling.", "id": "CVE-2019-6232", "impact": "Running the iTunes installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209605" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-6233", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-6234", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.2" ], "credit": "Brandon Azad", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-6235", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209446", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209448", "https://support.apple.com/en-us/HT209450" ], "module": "AppleKeyStore", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Stefan Kanthak (eskamation.de)", "description": "A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling.", "id": "CVE-2019-6236", "impact": "Running the iCloud installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209605" ], "module": "Windows Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-6237", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2019-6238", "impact": "Processing a maliciously crafted package may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "xar", "rsr": "", "update": "April 15, 2019" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Ian Moorhouse and Michael Trimm", "description": "This issue was addressed with improved handling of file metadata.", "id": "CVE-2019-6239", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Bom", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Damian Poddebniak of M\u00fcnster University of Applied Sciences", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-7284", "impact": "Processing a maliciously crafted mail message may lead to S/MIME signature spoofing", "links": [ "https://support.apple.com/en-us/HT209599" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "dwfault working at ADLab of Venustech", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-7285", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Gro\u00df of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-7286", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209520", "https://support.apple.com/en-us/HT209521", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Gro\u00df of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-7287", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209520" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Apple", "description": "The issue was addressed with improved validation on the FaceTime server.", "id": "CVE-2019-7288", "impact": "A thorough security audit of the FaceTime service uncovered an issue with Live Photos", "links": [ "https://support.apple.com/en-us/HT209520", "https://support.apple.com/en-us/HT209521" ], "module": "Live Photos in FaceTime", "rsr": "", "update": "" }, { "available": [ "Shortcuts 2.1.2 for iOS" ], "credit": "Sem Voigtl\u00e4nder of Fontys Hogeschool ICT", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2019-7289", "impact": "A local user may be able to view senstive user information", "links": [ "https://support.apple.com/en-us/HT209522" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Shortcuts 2.1.2 for iOS" ], "credit": "Avimanyu Roy (@AvimanyuRoy3)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2019-7290", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT209522" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Maxime Villard", "description": "A denial of service issue was addressed with improved memory handling.", "id": "CVE-2019-7291", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2019-7292", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Ned Williamson of Google", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-7293", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Luke Deshotels of North Carolina State University, Jordan Beichler of North Carolina State University, William Enck of North Carolina State University, Costin Caraba\u0219 of University POLITEHNICA of Bucharest, and R\u0103zvan Deaconescu of University POLITEHNICA of Bucharest", "description": "An API issue existed in the handling of dictation requests. This issue was addressed with improved validation.", "id": "CVE-2019-8502", "impact": "A malicious application may be able to initiate a Dictation request without user authorization", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Linus S\u00e4rud of Detectify", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8503", "impact": "A malicious website may be able to execute scripts in the context of another website", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "an anonymous researcher", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-8504", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8505", "impact": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209603" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2019-8506", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Kai Lu of Fortinet's FortiGuard Labs", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2019-8507", "impact": "Processing malicious data may lead to unexpected application termination", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "QuartzCore", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS Mojave 10.14.3" ], "credit": "Dr. Silvio Cesare of InfoSect", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-8508", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2019-8509", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "File Quarantine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Stefan Esser of Antid0te UG", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2019-8510", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2019-8511", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209602" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher, Dennis Munsie of Amazon.com", "description": "This issue was addressed with improved transparency.", "id": "CVE-2019-8512", "impact": "A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure", "links": [ "https://support.apple.com/en-us/HT209599" ], "module": "Exchange ActiveSync", "rsr": "", "update": "April 3, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8513", "impact": "A local user may be able to execute arbitrary shell commands", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8514", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "James Lee (@Windowsrcer)", "description": "A cross-origin issue existed with the fetch API. This was addressed with improved input validation.", "id": "CVE-2019-8515", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "SWIPS Team of Frifee Inc.", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2019-8516", "impact": "Processing a maliciously crafted string may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "CFString", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "riusksk of VulWar Corp working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8517", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "TrueTypeScaler", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8518", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Aleksandr Tarasikov (@astarasikov), Juwei Lin (@panicaII) and Junzhi Lu of Trend Micro Research working with Trend Micro's Zero Day Initiative, Lilang Wu and Moony Li of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8519", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Graphics Drivers", "rsr": "", "update": "August 1, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Antonio Groza, The UK's National Cyber Security Centre (NCSC)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8520", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8521", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "Feedback Assistant", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Colin Meginnis (@falc420)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8522", "impact": "An encrypted volume may be unmounted and remounted by a different user without prompting for the password", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8523", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "June 24, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8524", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "June 24, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8525", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT210119" ], "module": "Kernel", "rsr": "", "update": "May 14, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Linus Henze (pinauten.de)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8526", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Ned Williamson of Google and derrek (@derrekr6)", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2019-8527", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3, macOS High Sierra 10.13.6" ], "credit": "Fabiano Anemone (@anoane), Zhao Qixun (@S0rryMybad) of Qihoo 360 Vulcan Team", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8528", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "April 3, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Juwei Lin (@panicaII) of Trend Micro Research working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-8529", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "IOKit SCSI", "rsr": "", "update": "April 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.3" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8530", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601" ], "module": "XPC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS High Sierra 10.13.6", "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher, QA team of SecureW2", "description": "A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation.", "id": "CVE-2019-8531", "impact": "An untrusted radius server certificate may be trusted", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Security", "rsr": "", "update": "May 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Angel Ramirez, Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2019-8532", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "MediaLibrary", "rsr": "", "update": "May 30, 2019" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher, James Eagan of T\u00e9l\u00e9com ParisTech, R. Scott Kemp of MIT, and Romke van Dijk of Z-CERT", "description": "A lock handling issue was addressed with improved lock handling.", "id": "CVE-2019-8533", "impact": "A Mac may not lock when disconnecting from an external monitor", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Mac working with Trend Micro's Zero Day Initiative", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2019-8534", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "APFS", "rsr": "", "update": "April 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Zhiyang Zeng (@Wester) of Tencent Blade Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8535", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8536", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Greg Walker (gregwalker.us)", "description": "An access issue was addressed with improved memory management.", "id": "CVE-2019-8537", "impact": "A local user may be able to view a user\u2019s locked notes", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Trevor Spiniolas (@TrevorSpiniolas)", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2019-8538", "impact": "Processing a maliciously crafted vcf file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209602" ], "module": "Accounts", "rsr": "", "update": "April 3, 2019" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "ccpwd working with Trend Micro's Zero Day Initiative", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-8539", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Disk Management", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.3" ], "credit": "Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-8540", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Stan (Jiexin) Zhang and Alastair R. Beresford of the University of Cambridge, Ian Sheret of Polymath Insight Limited", "description": "A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing.", "id": "CVE-2019-8541", "impact": "A malicious app may be able to track users between installs", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209602" ], "module": "Privacy", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-8542", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "CoreCrypto", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8544", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Adam Donenfeld (@doadam) of the Zimperium zLabs Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8545", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "ChiYuan Chang", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2019-8546", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209602" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "derrek (@derrekr6)", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2019-8547", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT210119" ], "module": "Kernel", "rsr": "", "update": "May 14, 2019" }, { "available": [ "Apple Watch Series 1 and later" ], "credit": "Tobias Sachs", "description": "An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps.", "id": "CVE-2019-8548", "impact": "A partially entered passcode may not clear when the device goes to sleep", "links": [ "https://support.apple.com/en-us/HT209602" ], "module": "Passcode", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Mohamed Ghannam (@_simo36) of SSD Secure Disclosure (ssd-disclosure.com)", "description": "Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation.", "id": "CVE-2019-8549", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Lauren Guzniczak of Keystone Academy", "description": "An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic.", "id": "CVE-2019-8550", "impact": "A user\u2019s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8551", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-8552", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "configd", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-8553", "impact": "Clicking a malicious SMS link may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "GeoServices", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions.", "id": "CVE-2019-8554", "impact": "A website may be able to access sensor information without user consent", "links": [ "https://support.apple.com/en-us/HT209599" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Zhiyi Zhang of 360 ESG Codesafe Team, Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2019-8555", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Apple", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8556", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8558", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8559", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6" ], "credit": "Nikita Pupyshev of Bauman Moscow State Technological University", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8560", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "Disk Images", "rsr": "", "update": "May 30, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Jaron Bradley of Crowdstrike", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8561", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-8562", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8563", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3" ], "credit": "Hugues Anguelkov during an internship at Quarkslab", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8564", "impact": "An attacker in a privileged network position can modify driver state", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Wi-Fi", "rsr": "", "update": "April 15, 2019" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "A race condition was addressed with additional validation.", "id": "CVE-2019-8565", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "Feedback Assistant", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "An API issue existed in the handling of microphone data. This issue was addressed with improved validation.", "id": "CVE-2019-8566", "impact": "A malicious application may be able to access the microphone without indication to the user", "links": [ "https://support.apple.com/en-us/HT209599" ], "module": "ReplayKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "A user privacy issue was addressed by removing the broadcast MAC address.", "id": "CVE-2019-8567", "impact": "A device may be passively tracked by its Wi-Fi MAC address", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600" ], "module": "Wi-Fi", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Dany Lisiansky (@DanyL931)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2019-8568", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "MobileInstallation", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Viktor Oreshkin (@stek29)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8569", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT210119" ], "module": "Touch Bar Support", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV (4th generation)", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3" ], "credit": "James Lee (@Windowsrcer) of S2SWWW.com", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8570", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT209443", "https://support.apple.com/en-us/HT209447", "https://support.apple.com/en-us/HT209449", "https://support.apple.com/en-us/HT209450", "https://support.apple.com/en-us/HT209451" ], "module": "WebKit", "rsr": "", "update": "April 3, 2019, updated September 11, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "01 working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8571", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Maxime Villard", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2019-8572", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "natashenka of Google Project Zero", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8573", "impact": "A remote attacker may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210122" ], "module": "Messages", "rsr": "", "update": "July 3, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6" ], "credit": "Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2019-8574", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "sysdiagnose", "rsr": "", "update": "February 3, 2020" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Francesco Ferretti of Magnetic Media Network SpA, joshua stein", "description": "The issue was addressed with improved data deletion.", "id": "CVE-2019-8575", "impact": "A base station factory reset may not delete all user information", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "July 2, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8576", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "Kernel", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Omer Gull of Checkpoint Research", "description": "An input validation issue was addressed with improved memory handling.", "id": "CVE-2019-8577", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Maxime Villard", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8578", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "an anonymous researcher", "description": "An input validation issue was addressed with improved memory handling.", "id": "CVE-2019-8579", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Modem CCL", "rsr": "", "update": "April 15, 2019" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Maxime Villard", "description": "Source-routed IPv4 packets were disabled by default.", "id": "CVE-2019-8580", "impact": "Source-routed IPv4 packets may be unexpectedly accepted", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Lucio Albornoz", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8581", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8582", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125" ], "module": "CoreText", "rsr": "", "update": "September 12, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8583", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8584", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8585", "impact": "Processing a maliciously crafted movie file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "an anonymous researcher", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8586", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8587", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n", "AirPort Extreme and AirPort Time Capsule base stations with 802.11ac" ], "credit": "Vince Cali (@0x56)", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2019-8588", "impact": "A remote attacker may be able to cause a system denial of service", "links": [ "https://support.apple.com/en-us/HT210090", "https://support.apple.com/en-us/HT210091" ], "module": "AirPort Base Station Firmware", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Andreas Clementi, Stefan Haselwanter, and Peter Stelzhammer of AV-Comparatives", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8589", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "DesktopServices", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "The UK\u2019s National Cyber Security Centre (NCSC)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8590", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Application Firewall", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "Ned Williamson working with Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2019-8591", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6", "macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-8592", "impact": "Playing a malicious audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "CoreAudio", "rsr": "", "update": "November 6, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Dany Lisiansky (@DanyL931)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8593", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "AppleFileConduit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8594", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8595", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Wen Xu of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8596", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "01 working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8597", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Omer Gull of Checkpoint Research", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8598", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jeremy Pe\u00f1a-Lopez (aka Radio) of the University of North Florida", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8599", "impact": "A person with physical access to an iOS device may be able to see the email address used for iTunes", "links": [ "https://support.apple.com/en-us/HT210118" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Omer Gull of Checkpoint Research", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-8600", "impact": "A maliciously crafted SQL query may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8601", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Omer Gull of Checkpoint Research", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2019-8602", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8603", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Accessibility Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "Fluoroacetate working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8604", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.6" ], "credit": "Ned Williamson working with Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8605", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210548", "https://support.apple.com/en-us/HT210549", "https://support.apple.com/en-us/HT210550" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2019-8606", "impact": "A local user may be able to load unsigned kernel extensions", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Junho Jang and Hanul Choi of LINE Security Team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8607", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8608", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Wen Xu of SSLab, Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8609", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8610", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8611", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8612", "impact": "An attacker in a privileged network position can modify driver state", "links": [ "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "Wi-Fi", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8613", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210122" ], "module": "Mail Message Framework", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8615", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8616", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2019-8617", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT210118" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Brandon Azad", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8618", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "Sandbox", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8619", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "A user privacy issue was addressed by removing the broadcast MAC address.", "id": "CVE-2019-8620", "impact": "A device may be passively tracked by its Wi-Fi MAC address", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8622", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8623", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later" ], "credit": "Natalie Silvanovich of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8624", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210353" ], "module": "Digital Touch", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8625", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8626", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210122" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 version 18362.145 or higher", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5" ], "credit": "Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8628", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210123", "https://support.apple.com/en-us/HT210124", "https://support.apple.com/en-us/HT210125", "https://support.apple.com/en-us/HT210212" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.4" ], "credit": "Arash Tohidi of Solita Oy", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2019-8629", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Jon M. Morlan", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2019-8630", "impact": "The lock screen may show a locked icon after unlocking", "links": [ "https://support.apple.com/en-us/HT210118" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4" ], "credit": "Jamie Bishop of Dynastic", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8631", "impact": "Users removed from an iMessage conversation may still be able to alter state", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120" ], "module": "Messages", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Android version 4.1 and later", "iOS 9.0 and later" ], "credit": "David Coomber of Info-Sec.CA", "description": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data.", "id": "CVE-2019-8632", "impact": "An attacker in a privileged network position may be able to intercept analytics data", "links": [ "https://support.apple.com/en-us/HT210110", "https://support.apple.com/en-us/HT210111" ], "module": "Privacy", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.4, macOS High Sierra 10.13.6" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8633", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210119", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210353" ], "module": "Kernel", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Jenny Sprenger and Maik Hoepfel", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2019-8634", "impact": "A user may be unexpectedly logged in to another user\u2019s account", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "EFI", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8635", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "Dany Lisiansky (@DanyL931)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8637", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210120", "https://support.apple.com/en-us/HT210122" ], "module": "MobileLockdown", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8638", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and Mojave 10.14.4" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8639", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602", "https://support.apple.com/en-us/HT209603", "https://support.apple.com/en-us/HT209604", "https://support.apple.com/en-us/HT209605" ], "module": "WebKit", "rsr": "", "update": "May 30, 2019" }, { "available": [ "macOS Mojave 10.14.4" ], "credit": "Ash Fox of Fitbit Product Security", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8640", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT210119" ], "module": "Archive Utility", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple Watch Series 1 and Apple Watch Series 2", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPad touch 6th generation", "iPhone 6s and later", "macOS Sierra 10.12.6, macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Samuel Gro\u00df and natashenka of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8641", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210588", "https://support.apple.com/en-us/HT210589", "https://support.apple.com/en-us/HT210590", "https://support.apple.com/en-us/HT210606" ], "module": "Foundation", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Maya Sigal of Freie Universit\u00e4t Berlin and Volker Roth of Freie Universit\u00e4t Berlin", "description": "An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates.", "id": "CVE-2019-8642", "impact": "Processing a maliciously crafted mail message may lead to S/MIME signature spoofing", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Mail", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "G. Geshev working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8644", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Maya Sigal of Freie Universit\u00e4t Berlin and Volker Roth of Freie Universit\u00e4t Berlin", "description": "An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail.", "id": "CVE-2019-8645", "impact": "An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "Mail", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5" ], "credit": "natashenka of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8646", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Core Data", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "Samuel Gro\u00df and natashenka of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8647", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Core Data", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5" ], "credit": "Tao Huang and Tielei Wang of Team Pangu", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-8648", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210353" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.", "id": "CVE-2019-8649", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Juno Im (@junorouse) of Theori", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2019-8654", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT210605" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Filippo Cavallarin", "description": "This was addressed with additional checks by Gatekeeper on files mounted through a network share.", "id": "CVE-2019-8656", "impact": "Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "autofs", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8657", "impact": "Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "UIFoundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "akayn working with Trend Micro's Zero Day Initiative", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8658", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later" ], "credit": "Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8659", "impact": "Users removed from an iMessage conversation may still be able to alter state", "links": [ "https://support.apple.com/en-us/HT210353" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5" ], "credit": "Samuel Gro\u00df and natashenka of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2019-8660", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Core Data", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "natashenka of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8661", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Carbon Core", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5" ], "credit": "natashenka and Samuel Gro\u00df of Google Project Zero", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8662", "impact": "An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5" ], "credit": "natashenka of Google Project Zero", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8663", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348" ], "module": "Found in Apps", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation" ], "credit": "natashenka of Google Project Zero", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8664", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT210118", "https://support.apple.com/en-us/HT210122" ], "module": "Messages", "rsr": "", "update": "August 1, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "Michael Hernandez of XYZ Marketing", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2019-8665", "impact": "A remote attacker may cause an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210353" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8666", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "Roland Kletzing of cyber:con GmbH", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2019-8667", "impact": "The encryption status of a Time Machine backup may be incorrect", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "an anonymous researcher", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2019-8668", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Image Processing", "rsr": "", "update": "October 8, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "akayn working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8669", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Tsubasa FUJII (@reinforchu)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2019-8670", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210355" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8671", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8672", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Soyeon Park and Wen Xu of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8673", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8674", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608" ], "module": "WebKit Page Loading", "rsr": "", "update": "October 8, 2019" }, { "available": [ "macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Stephan Zeisberg (github.com/stze) of Security Research Labs (srlabs.de)", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2019-8675", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "CUPS", "rsr": "", "update": "August 14, 2019, updated September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Soyeon Park and Wen Xu of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8676", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Jihui Lu of Tencent KeenLab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8677", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8678", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Jihui Lu of Tencent KeenLab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8679", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Jihui Lu of Tencent KeenLab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8680", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8681", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "Jeff Braswell (JeffBraswell.com)", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2019-8682", "impact": "A user may inadvertently complete an in-app purchase while on the lock screen", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210353" ], "module": "Wallet", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8683", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8684", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8685", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "G. Geshev working with Trend Micro's Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8686", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8687", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Insu Yun of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8688", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "lokihardt of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8689", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "September 17, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue existed in the handling of document loads. This issue was addressed with improved state management.", "id": "CVE-2019-8690", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210355", "https://support.apple.com/en-us/HT210356", "https://support.apple.com/en-us/HT210357", "https://support.apple.com/en-us/HT210358" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Aleksandr Tarasikov (@astarasikov), Arash Tohidi of Solita, Lilang Wu and Moony Li of Trend Micro's Mobile Security Research Team working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8691", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Graphics Drivers", "rsr": "", "update": "July 25, 2019" }, { "available": [ "macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8692", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Graphics Drivers", "rsr": "", "update": "July 25, 2019" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "Arash Tohidi of Solita", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8693", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "Arash Tohidi of Solita", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8694", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.5" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8695", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Grapher", "rsr": "", "update": "" }, { "available": [ "macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Stephan Zeisberg (github.com/stze) of Security Research Labs (srlabs.de)", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2019-8696", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "CUPS", "rsr": "", "update": "August 14, 2019, updated September 17, 2019" }, { "available": [ "macOS Mojave 10.14.5", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "ccpwd working with Trend Micro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8697", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210348" ], "module": "Disk Management", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State University; Costin Caraba\u0219 and R\u0103zvan Deaconescu of University POLITEHNICA of Bucharest", "description": "A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.", "id": "CVE-2019-8698", "impact": "A malicious application may be able to restrict access to websites", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210351" ], "module": "Profiles", "rsr": "", "update": "" }, { "available": [ "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later" ], "credit": "Marius Alexandru Boeru (@mboeru) and an anonymous researcher", "description": "A logic issue existed in the answering of phone calls. The issue was addressed with improved state management.", "id": "CVE-2019-8699", "impact": "The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection", "links": [ "https://support.apple.com/en-us/HT210346" ], "module": "Telephony", "rsr": "", "update": "July 25, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Sierra 10.12.6, macOS High Sierra 10.13.6" ], "credit": "Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992) and pjf of IceSword Lab of Qihoo 360", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8701", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210634" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Mojave 10.14.5" ], "credit": "Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2019-8702", "impact": "A local user may be able to read a persistent account identifier", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351" ], "module": "Game Center", "rsr": "", "update": "February 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2019-8703", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634" ], "module": "Kernel", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later" ], "credit": "\u738b \u90a6 \u5b87 (wAnyBug.Com) of SAINTSEC", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2019-8704", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606" ], "module": "Keyboards", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-8705", "impact": "Processing a maliciously crafted movie may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "CoreAudio", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Yu Zhou of Ant-financial Light-Year Security Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8706", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8707", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8708", "impact": "A local user may be able to check for the existence of arbitrary files", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "PluginKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "derrek (@derrekr6) derrek (@derrekr6)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8709", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Kernel", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8710", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210727" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later" ], "credit": "Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci (@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte Consulting, \u00d6mer Bozdo\u011fan-Ramazan At\u0131l Anadolu Lisesi Adana/T\u00dcRK\u0130YE", "description": "A logic issue existed with the display of notification previews. This issue was addressed with improved validation.", "id": "CVE-2019-8711", "impact": "Notification previews may show on Bluetooth accessories even when previews are disabled", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8712", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607" ], "module": "Kernel", "rsr": "", "update": "October 29, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8715", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "PluginKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group, Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8716", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8717", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Kernel", "rsr": "", "update": "November 18, 2019, updated February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later" ], "credit": "Joshua Hill and Sem Voigtl\u00e4nder", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8718", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607" ], "module": "IOUSBDeviceFamily", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8719", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4.", "id": "CVE-2019-8721", "impact": "Compiling code without proper input validation could lead to arbitrary code execution with user privilege", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4.", "id": "CVE-2019-8722", "impact": "Compiling code without proper input validation could lead to arbitrary code execution with user privilege", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4.", "id": "CVE-2019-8723", "impact": "Compiling code without proper input validation could lead to arbitrary code execution with user privilege", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4.", "id": "CVE-2019-8724", "impact": "Compiling code without proper input validation could lead to arbitrary code execution with user privilege", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Michael Thwaite of Connect Medi", "description": "The issue was addressed with improved handling of service worker lifetime.", "id": "CVE-2019-8725", "impact": "Service workers may leak private browsing history", "links": [ "https://support.apple.com/en-us/HT210605" ], "module": "Service Workers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Jihui Lu of Tencent KeenLab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8726", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "iPhone 6s and later" ], "credit": "Divyanshu Shukla (@justm0rph3u5)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8727", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Safari", "rsr": "", "update": "October 8, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8728", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later" ], "credit": "Jamie Blumberg (@jamie_blumberg) of Virginia Polytechnic Institute and State University", "description": "The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup.", "id": "CVE-2019-8730", "impact": "A local user may be able to view a user\u2019s locked notes", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later" ], "credit": "Saif Hamed Hamdan Al Hinai of Oman National CERT, Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation.", "id": "CVE-2019-8731", "impact": "Processing a maliciously crafted file may disclose user information", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later" ], "credit": "Mohamad El-Zein Berlin", "description": "The issue was addressed with improved data deletion.", "id": "CVE-2019-8732", "impact": "Deleted calls remained visible on the device", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Call History", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8733", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8734", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6" ], "credit": "G. Geshev working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8735", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210608", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Pawel Gocyla of ING Tech Poland (ingtechpoland.com)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2019-8736", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Pawel Gocyla of ING Tech Poland (ingtechpoland.com)", "description": "A denial of service issue was addressed with improved validation.", "id": "CVE-2019-8737", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8738", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8739", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210609" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2019-8740", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210607" ], "module": "Kernel", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later" ], "credit": "Nicky Mouha of NIST", "description": "A denial of service issue was addressed with improved input validation.", "id": "CVE-2019-8741", "impact": "Processing a large input may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "CoreCrypto", "rsr": "", "update": "October 29, 2019" }, { "available": [ "iPhone 6s and later" ], "credit": "videosdebarraquito", "description": "The issue was addressed by restricting options offered on a locked device.", "id": "CVE-2019-8742", "impact": "A person with physical access to an iOS device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "zhunki from Codesafe Team of Legendsec at Qi'anxin Group", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8743", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210724" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.", "id": "CVE-2019-8744", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-8745", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210722" ], "module": "UIFoundation", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "natashenka and Samuel Gro\u00df of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8746", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210722" ], "module": "Foundation", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2019-8747", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210724" ], "module": "AppleFirmwareUpdateKext", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8748", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "AMD", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2019-8749", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210722" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2019-8750", "impact": "Multiple issues in libxslt", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210727" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Dongzhuo Zhao working with ADLab of Venustech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8751", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Dongzhuo Zhao working with ADLab of Venustech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8752", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later" ], "credit": "\u0141ukasz Pilorz of Standard Chartered GBS Poland", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8753", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634" ], "module": "CFNetwork", "rsr": "", "update": "October 29, 2019" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Renee Trisberg of SpectX", "description": "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins.", "id": "CVE-2019-8754", "impact": "A malicious HTML document may be able to render iframes with sensitive user information", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "UIFoundation", "rsr": "", "update": "February 24, 2020" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Lilang Wu and Moony Li of Trend Micro", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8755", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2019-8756", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210722" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "William Cerniuk of Core Development, LLC", "description": "A race condition existed when reading and writing user preferences. This was addressed with improved state handling.", "id": "CVE-2019-8757", "impact": "The \"Share Mac Analytics\" setting may not be disabled when a user deselects the switch to share analytics", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Lilang Wu and Moony Li of Trend Micro", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8758", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "another of 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8759", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone X and later" ], "credit": "Wish Wu (\u5434\u6f4d\u6d60 @wish_wu) of Ant-Financial Light-Year Security Lab", "description": "This issue was addressed by improving Face ID machine learning models.", "id": "CVE-2019-8760", "impact": "A 3D model constructed to look like the enrolled user may authenticate via Face ID", "links": [ "https://support.apple.com/en-us/HT210606" ], "module": "Face ID", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Renee Trisberg of SpectX", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8761", "impact": "Parsing a maliciously crafted text file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "UIFoundation", "rsr": "", "update": "August 10, 2020, updated July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2019-8762", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8763", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8764", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210724" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8765", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210724" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8766", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210727" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Stephen Zeisberg", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2019-8767", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later" ], "credit": "Hugo S. Diaz (coldpointblue)", "description": "\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion.", "id": "CVE-2019-8768", "impact": "A user may be unable to delete browsing history items", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Pi\u00e9rre Reimertz (@reimertz)", "description": "An issue existed in the drawing of web page elements. The issue was addressed with improved logic.", "id": "CVE-2019-8769", "impact": "Visiting a maliciously crafted website may reveal browsing history", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210634" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Stanislav Zinukhov of Parallels International GmbH", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2019-8770", "impact": "A malicious application may be able to access recent documents", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Eliya Stein of Confiant", "description": "This issue was addressed with improved iframe sandbox enforcement.", "id": "CVE-2019-8771", "impact": "Maliciously crafted web content may violate iframe sandboxing policy", "links": [ "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210606" ], "module": "WebKit", "rsr": "", "update": "October 8, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of FH M\u00fcnster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH M\u00fcnster University of Applied Sciences, and J\u00f6rg Schwenk of Ruhr University Bochum", "description": "An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt.", "id": "CVE-2019-8772", "impact": "An attacker may be able to exfiltrate the contents of an encrypted PDF", "links": [ "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "PDFKit", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8773", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637" ], "module": "WebKit", "rsr": "", "update": "October 29, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Gertjan Franken imec-DistriNet of KU Leuven", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2019-8774", "impact": "Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210634" ], "module": "Books", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "videosdebarraquito", "description": "The issue was addressed by restricting options offered on a locked device.", "id": "CVE-2019-8775", "impact": "A person with physical access to an iOS device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210724" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8776", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "dyld", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.3" ], "credit": "Abdullah H. AlJaber (@aljaber) of AJ.SA", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2019-8777", "impact": "A local attacker may be able to view contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT209600" ], "module": "FaceTime", "rsr": "", "update": "October 8, 2019" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Apple", "description": "A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions.", "id": "CVE-2019-8779", "impact": "Third party app extensions may not receive the correct sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT210624" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Siguza", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2019-8780", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604" ], "module": "Kernel", "rsr": "", "update": "October 8, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Linus Henze (pinauten.de)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8781", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "Kernel", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Cheolung Lee of LINE+ Security Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8782", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Cheolung Lee of LINE+ Graylab Security Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8783", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8784", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8785", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Audio", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8786", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Kernel", "rsr": "", "update": "November 18, 2019, updated February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8787", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Accounts", "rsr": "", "update": "February 11, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd", "description": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation.", "id": "CVE-2019-8788", "impact": "Improper URL processing may lead to data exfiltration", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722" ], "module": "Associated Domains", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Gertjan Franken of imec-DistriNet, KU Leuven", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2019-8789", "impact": "Parsing a maliciously crafted iBooks file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722" ], "module": "Books", "rsr": "", "update": "" }, { "available": [ "Ubuntu 14.04, 16.04, and 18.04" ], "credit": "Apple", "description": "This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0.", "id": "CVE-2019-8790", "impact": "Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure", "links": [ "https://support.apple.com/en-us/HT210647" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Android: 9.24.1", "iOS 10 and later" ], "credit": "Ashley King", "description": "An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation.", "id": "CVE-2019-8791", "impact": "Processing a maliciously crafted URL may lead to an open redirect", "links": [ "https://support.apple.com/en-us/HT210744", "https://support.apple.com/en-us/HT210745" ], "module": "Shazam", "rsr": "", "update": "" }, { "available": [ "Android: 9.24.1", "iOS 10 and later" ], "credit": "Ashley King", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2019-8792", "impact": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution", "links": [ "https://support.apple.com/en-us/HT210744", "https://support.apple.com/en-us/HT210745" ], "module": "Shazam", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Ryan Jenkins of Lake Forrest Prep School", "description": "A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management.", "id": "CVE-2019-8793", "impact": "A local user may be able to record the screen without a visible screen recording indicator", "links": [ "https://support.apple.com/en-us/HT210721" ], "module": "Screen Recording", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "08Tc3wBB working with SSD Secure Disclosure", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8794", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "08Tc3wBB working with SSD Secure Disclosure", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8795", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Allison Husain of UC Berkeley", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2019-8796", "impact": "AirDrop transfers may be unexpectedly accepted while in Everyone mode", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT211134" ], "module": "Accounts", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "08Tc3wBB working with SSD Secure Disclosure", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8797", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Audio", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "ABC Research s.r.o. working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8798", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "File System Events", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt", "description": "This issue was resolved by replacing device names with a random identifier.", "id": "CVE-2019-8799", "impact": "An attacker in physical proximity may be able to passively observe device names in AWDL communications", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634" ], "module": "mDNSResponder", "rsr": "", "update": "October 29, 2019" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-8800", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210729" ], "module": "llvm", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later", "macOS Catalina 10.15" ], "credit": "Hou JingYi (@hjy79425575) of Qihoo 360 CERT", "description": "A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching.", "id": "CVE-2019-8801", "impact": "Running the iTunes installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210726" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Csaba Fitzl (@theevilbit)", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2019-8802", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "manpages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2019-8803", "impact": "A local attacker may be able to login to the account of a previously logged in user without valid credentials.", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Christy Philip Mathew of Zimperium, Inc", "description": "An inconsistency in Wi-Fi network configuration settings was addressed.", "id": "CVE-2019-8804", "impact": "An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup", "links": [ "https://support.apple.com/en-us/HT210721" ], "module": "Setup Assistant", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Scott Knight (@sdotknight) of VMware Carbon Black TAU", "description": "A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.", "id": "CVE-2019-8805", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "System Extensions", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2019-8806", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210729" ], "module": "llvm", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8807", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "found by OSS-Fuzz", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8808", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Apple", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2019-8809", "impact": "A local app may be able to read a persistent account identifier", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634" ], "module": "Kernel", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Soyeon Park of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8811", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "JunDong Xie of Ant-financial Light-Year Security Lab", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8812", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8813", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Cheolung Lee of LINE+ Security Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8814", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Apple", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8815", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit Process Model", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Soyeon Park of SSLab at Georgia Tech", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8816", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Arash Tohidi", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8817", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Cheolung Lee of LINE+ Security Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8819", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8820", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8821", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8822", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8823", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210727", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "November 18, 2019" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Mac working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8824", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "APFS", "rsr": "", "update": "February 11, 2020" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Found by GWP-ASan in Google Chrome", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8825", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210635", "https://support.apple.com/en-us/HT210636", "https://support.apple.com/en-us/HT210637", "https://support.apple.com/en-us/HT210722" ], "module": "CoreMedia", "rsr": "", "update": "February 11, 2020" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Found by GWP-ASan in Google Chrome", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2019-8826", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "Menus", "rsr": "", "update": "October 29, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1" ], "credit": "Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team", "description": "The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.", "id": "CVE-2019-8827", "impact": "Visiting a maliciously crafted website may reveal the sites a user has visited", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210725", "https://support.apple.com/en-us/HT210726", "https://support.apple.com/en-us/HT210728" ], "module": "WebKit", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "Cim Stordal of Cognite", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8828", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Jann Horn of Google Project Zero", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2019-8829", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210721", "https://support.apple.com/en-us/HT210722", "https://support.apple.com/en-us/HT210723", "https://support.apple.com/en-us/HT210724" ], "module": "Kernel", "rsr": "", "update": "November 6, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to a device with iOS 12 installed", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "natashenka of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8830", "impact": "Processing malicious video via FaceTime may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210787", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210791" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8831", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "UIFoundation", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "Insu Yun of SSLab at Georgia Tech", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8832", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2019-8833", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Rob Sayre (@sayrer)", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2019-8834", "impact": "An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "CFNetwork", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Anonymous working with Trend Micro's Zero Day Initiative, Mike Zhang of Pangu Team", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8835", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210792", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Csaba Fitzl (@theevilbit)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2019-8837", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "ATS", "rsr": "", "update": "December 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "Dr Silvio Cesare of InfoSect", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8838", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Stephan Zeisberg of Security Research Labs", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-8839", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "CUPS", "rsr": "", "update": "December 18, 2019" }, { "available": [ "macOS Mojave 10.14.4 and later" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8840", "impact": "Compiling with untrusted sources may lead to arbitrary code execution with user privileges", "links": [ "https://support.apple.com/en-us/HT210796" ], "module": "ld64", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Corellium", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2019-8841", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210785" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Niky1235 of China Mobile", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2019-8842", "impact": "In certain configurations, a remote attacker may be able to submit arbitrary print jobs", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "CUPS", "rsr": "", "update": "December 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "William Bowling (@wcbowling)", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2019-8844", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210792", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Marcin Towalski of Cisco Talos", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2019-8846", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210792", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8847", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-8848", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210793", "https://support.apple.com/en-us/HT210794", "https://support.apple.com/en-us/HT210795" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "SwiftNIO SSL 2.0.0 through 2.4.0 on Ubuntu 14.04 and later" ], "credit": "Apple", "description": "The issue was addressed by signaling that an executable stack is not required.", "id": "CVE-2019-8849", "impact": "A SwiftNIO application using TLS may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT210772" ], "module": "SwiftNIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2019-8850", "impact": "Processing a maliciously crafted audio file may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634", "https://support.apple.com/en-us/HT210722" ], "module": "Audio", "rsr": "", "update": "December 18, 2019" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Vladik Khononov of DoiT International", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8851", "impact": "A Mac may not lock immediately upon wake", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "IOGraphics", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "pattern-f (@pattern_F_) of WaCai", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8852", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8853", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)", "iPhone 6s and later" ], "credit": "FuriousMacTeam of the United States Naval Academy and the Mitre Cooperation, Ta-Lun Yen of UCCU Hacker", "description": "A user privacy issue was addressed by removing the broadcast MAC address.", "id": "CVE-2019-8854", "impact": "A device may be passively tracked by its Wi-Fi MAC address", "links": [ "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210606", "https://support.apple.com/en-us/HT210607", "https://support.apple.com/en-us/HT210634" ], "module": "Wi-Fi", "rsr": "", "update": "December 4, 2019, updated December 18, 2019" }, { "available": [ "MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later)" ], "credit": "Apple", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2019-8855", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT210634" ], "module": "Sandbox", "rsr": "", "update": "December 18, 2019" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15" ], "credit": "Fabrice TERRANCLE of TERRANCLE SARL", "description": "An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling.", "id": "CVE-2019-8856", "impact": "Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210788", "https://support.apple.com/en-us/HT210789" ], "module": "CallKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Tor Bruce", "description": "The issue was addressed with improved validation when an iCloud Link is created.", "id": "CVE-2019-8857", "impact": "Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel", "links": [ "https://support.apple.com/en-us/HT210785" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Saul van der Bijl of Saul\u2019s Place Counseling B.V.", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2019-8858", "impact": "A user who shares their screen may not be able to end screen sharing", "links": [ "https://support.apple.com/en-us/HT210722" ], "module": "Screen Sharing Server", "rsr": "", "update": "December 18, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Michael Kleber of Google", "description": "An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic.", "id": "CVE-2019-8898", "impact": "Visiting a maliciously crafted website may reveal sites a user has visited", "links": [ "https://support.apple.com/en-us/HT210785", "https://support.apple.com/en-us/HT210790", "https://support.apple.com/en-us/HT210792", "https://support.apple.com/en-us/HT210793" ], "module": "WebKit", "rsr": "", "update": "February 11, 2020, updated February 20, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "an anonymous researcher", "description": "This issue was addressed by verifying host keys when connecting to a previously-known SSH server.", "id": "CVE-2019-8901", "impact": "An attacker in a privileged network position may be able to intercept SSH traffic from the \u201cRun script over SSH\u201d action", "links": [ "https://support.apple.com/en-us/HT210603" ], "module": "Shortcuts", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD previously Apple TV (4th generation)", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation", "macOS Mojave 10.14.3" ], "credit": "Francisco Alonso", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2019-8906", "impact": "Processing a maliciously crafted file might disclose user information", "links": [ "https://support.apple.com/en-us/HT209599", "https://support.apple.com/en-us/HT209600", "https://support.apple.com/en-us/HT209601", "https://support.apple.com/en-us/HT209602" ], "module": "file", "rsr": "", "update": "April 15, 2019" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later", "macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6" ], "credit": "Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England", "description": "An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.", "id": "CVE-2019-9506", "impact": "An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)", "links": [ "https://support.apple.com/en-us/HT210346", "https://support.apple.com/en-us/HT210348", "https://support.apple.com/en-us/HT210351", "https://support.apple.com/en-us/HT210353" ], "module": "Bluetooth", "rsr": "", "update": "August 13, 2019, updated June 25, 2020" }, { "available": [ "SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later" ], "credit": "Jonathan Looney of Netflix", "description": "This issue was addressed with improved buffer size management.", "id": "CVE-2019-9512", "impact": "A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion", "links": [ "https://support.apple.com/en-us/HT210436" ], "module": "SwiftNIO HTTP/2", "rsr": "", "update": "" }, { "available": [ "SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later" ], "credit": "Jonathan Looney of Netflix", "description": "This issue was addressed with improved buffer size management.", "id": "CVE-2019-9514", "impact": "A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion", "links": [ "https://support.apple.com/en-us/HT210436" ], "module": "SwiftNIO HTTP/2", "rsr": "", "update": "" }, { "available": [ "SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later" ], "credit": "Jonathan Looney of Netflix", "description": "This issue was addressed with improved buffer size management.", "id": "CVE-2019-9515", "impact": "A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion", "links": [ "https://support.apple.com/en-us/HT210436" ], "module": "SwiftNIO HTTP/2", "rsr": "", "update": "" }, { "available": [ "SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later" ], "credit": "Jonathan Looney of Netflix", "description": "This issue was addressed with improved buffer size management.", "id": "CVE-2019-9516", "impact": "A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion", "links": [ "https://support.apple.com/en-us/HT210436" ], "module": "SwiftNIO HTTP/2", "rsr": "", "update": "" }, { "available": [ "SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later" ], "credit": "Piotr Sikora of Google, Envoy Security Team", "description": "This issue was addressed with improved input validation.", "id": "CVE-2019-9518", "impact": "A HTTP/2 server may consume excessive CPU resources when receiving certain traffic patterns", "links": [ "https://support.apple.com/en-us/HT210436" ], "module": "SwiftNIO HTTP/2", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Allison Husain of UC Berkeley", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2020-9782", "impact": "A remote attacker may be able to overwrite existing files", "links": [ "https://support.apple.com/en-us/HT210788" ], "module": "Notes", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Dongzhuo Zhao working with ADLab of Venustech", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2020-9932", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210603", "https://support.apple.com/en-us/HT210604", "https://support.apple.com/en-us/HT210605" ], "module": "WebKit", "rsr": "", "update": "July 28, 2020" } ] ================================================ FILE: 2019/README.md ================================================ # Apple CVE 2019 * data source: https://support.apple.com/en-us/HT201222 * [2019.json](2019.json) ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 114 | | 2 | Kernel | 40 | | 3 | tcpdump | 27 | | 4 | Wi-Fi | 8 | | 5 | AirPort Base Station Firmware | 8 | | 6 | Bluetooth | 7 | | 7 | SQLite | 7 | | 8 | Messages | 7 | | 9 | CUPS | 7 | | 10 | OpenLDAP | 6 | | 11 | FaceTime | 6 | | 12 | Intel Graphics Driver | 5 | | 13 | libpcap | 5 | | 14 | Security | 5 | | 15 | UIFoundation | 5 | | 16 | ld64 | 5 | | 17 | SwiftNIO HTTP/2 | 5 | | 18 | Microcode | 4 | | 19 | IOKit | 4 | | 20 | Mail | 4 | | 21 | Foundation | 4 | | 22 | IOGraphics | 4 | | 23 | Safari | 4 | | 24 | AppleGraphicsControl | 4 | | 25 | Audio | 4 | | 26 | Perl | 3 | | 27 | Graphics | 3 | | 28 | Safari Reader | 3 | | 29 | Shortcuts | 3 | | 30 | Graphics Drivers | 3 | | 31 | Notes | 3 | | 32 | Accounts | 3 | | 33 | CoreAudio | 3 | | 34 | Sandbox | 3 | | 35 | Core Data | 3 | | 36 | Contacts | 2 | | 37 | IOAcceleratorFamily | 2 | | 38 | apache_mod_php | 2 | | 39 | libxslt | 2 | | 40 | Core Media | 2 | | 41 | QuartzCore | 2 | | 42 | CoreAnimation | 2 | | 43 | iTunes | 2 | | 44 | Time Machine | 2 | | 45 | Feedback Assistant | 2 | | 46 | APFS | 2 | | 47 | Disk Management | 2 | | 48 | Privacy | 2 | | 49 | CoreCrypto | 2 | | 50 | AMD | 2 | | 51 | Quick Look | 2 | | 52 | PluginKit | 2 | | 53 | otool | 2 | | 54 | libxml2 | 2 | | 55 | CFNetwork | 2 | | 56 | Books | 2 | | 57 | Shazam | 2 | | 58 | llvm | 2 | | 59 | Heimdal | 1 | | 60 | libmalloc | 1 | | 61 | Hypervisor | 1 | | 62 | Git | 1 | | 63 | libexpat | 1 | | 64 | IDE SCM | 1 | | 65 | 802.1X | 1 | | 66 | Keyboard | 1 | | 67 | WebRTC | 1 | | 68 | libxpc | 1 | | 69 | Natural Language Processing | 1 | | 70 | AppleKeyStore | 1 | | 71 | Windows Installer | 1 | | 72 | xar | 1 | | 73 | Bom | 1 | | 74 | Live Photos in FaceTime | 1 | | 75 | Siri | 1 | | 76 | File Quarantine | 1 | | 77 | Exchange ActiveSync | 1 | | 78 | CFString | 1 | | 79 | TrueTypeScaler | 1 | | 80 | DiskArbitration | 1 | | 81 | IOKit SCSI | 1 | | 82 | XPC | 1 | | 83 | MediaLibrary | 1 | | 84 | IOHIDFamily | 1 | | 85 | Passcode | 1 | | 86 | Power Management | 1 | | 87 | configd | 1 | | 88 | GeoServices | 1 | | 89 | Disk Images | 1 | | 90 | PackageKit | 1 | | 91 | ReplayKit | 1 | | 92 | MobileInstallation | 1 | | 93 | Touch Bar Support | 1 | | 94 | sysdiagnose | 1 | | 95 | Modem CCL | 1 | | 96 | CoreText | 1 | | 97 | DesktopServices | 1 | | 98 | Application Firewall | 1 | | 99 | AppleFileConduit | 1 | | 100 | Lock Screen | 1 | | 101 | Accessibility Framework | 1 | | 102 | Mail Message Framework | 1 | | 103 | Photos Storage | 1 | | 104 | Digital Touch | 1 | | 105 | Status Bar | 1 | | 106 | EFI | 1 | | 107 | MobileLockdown | 1 | | 108 | Archive Utility | 1 | | 109 | autofs | 1 | | 110 | Carbon Core | 1 | | 111 | Found in Apps | 1 | | 112 | Image Processing | 1 | | 113 | WebKit Page Loading | 1 | | 114 | Wallet | 1 | | 115 | Grapher | 1 | | 116 | Profiles | 1 | | 117 | Telephony | 1 | | 118 | sips | 1 | | 119 | Game Center | 1 | | 120 | Keyboards | 1 | | 121 | IOUSBDeviceFamily | 1 | | 122 | Service Workers | 1 | | 123 | Call History | 1 | | 124 | AppleFirmwareUpdateKext | 1 | | 125 | Crash Reporter | 1 | | 126 | Face ID | 1 | | 127 | SharedFileList | 1 | | 128 | PDFKit | 1 | | 129 | VoiceOver | 1 | | 130 | dyld | 1 | | 131 | Graphics Driver | 1 | | 132 | Associated Domains | 1 | | 133 | Screen Recording | 1 | | 134 | AVEVideoEncoder | 1 | | 135 | File System Events | 1 | | 136 | mDNSResponder | 1 | | 137 | manpages | 1 | | 138 | App Store | 1 | | 139 | Setup Assistant | 1 | | 140 | System Extensions | 1 | | 141 | WebKit Process Model | 1 | | 142 | CoreMedia | 1 | | 143 | Menus | 1 | | 144 | ATS | 1 | | 145 | IOSurfaceAccelerator | 1 | | 146 | CFNetwork Proxies | 1 | | 147 | SwiftNIO | 1 | | 148 | CallKit | 1 | | 149 | Photos | 1 | | 150 | Screen Sharing Server | 1 | | 151 | file | 1 | ================================================ FILE: 2020/2020.json ================================================ [ { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "gaojianfeng", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2014-9512", "impact": "A remote attacker may be able to overwrite existing files", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211289" ], "module": "rsync", "rsr": "", "update": "July 24, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "", "description": "Multiple issues were addressed by updating to PHP version 7.3.11.", "id": "CVE-2019-11043", "impact": "Multiple issues in PHP", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "apache_mod_php", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Wenjian HE of Hong Kong University of Science and Technology, Wei Zhang of Hong Kong University of Science and Technology, Sharad Sinha of Indian Institute of Technology Goa, and Sanjeev Das of University of North Carolina", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2019-14615", "impact": "A malicious application may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "", "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", "id": "CVE-2019-14868", "impact": "A local user may be able to execute arbitrary shell commands", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "ksh", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "William J. Tolley, Beau Kujath, and Jedidiah R. Crandall", "description": "A routing issue was addressed with improved restrictions.", "id": "CVE-2019-14899", "impact": "An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Apple", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2019-18634", "impact": "Certain configurations may allow a local attacker to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "", "description": "This issue was addressed by updating to sudo version 1.8.31.", "id": "CVE-2019-19232", "impact": "An attacker may be able to run commands as a non-existent user", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2019-19906", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289" ], "module": "Mail", "rsr": "", "update": "July 24, 2020, updated September 8, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Sam Foxman", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2019-20044", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "zsh", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "natashenka of Google Project Zero", "description": "An access issue was addressed with improved memory management.", "id": "CVE-2019-20503", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Guilherme de Almeida Suckevicz", "description": "This issue was addressed with improved checks.", "id": "CVE-2019-20807", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 8.44.", "id": "CVE-2019-20838", "impact": "Multiple issues in pcre", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "PCRE", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later via the Microsoft Store" ], "credit": "Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team", "description": "The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.", "id": "CVE-2019-8827", "impact": "Visiting a maliciously crafted website may reveal the sites a user has visited", "links": [ "https://support.apple.com/en-us/HT210947" ], "module": "WebKit", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2019-8836", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "IOUSBDeviceFamily", "rsr": "", "update": "June 22, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2019-8853", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Niky of China Mobile", "description": "An input validation issue was addressed with improved memory handling.", "id": "CVE-2020-10001", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "CUPS", "rsr": "", "update": "February 1, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "James Hutchins", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-10002", "impact": "A local user may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211933", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT212011" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.", "id": "CVE-2020-10003", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-10004", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Apple", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2020-10005", "impact": "An attacker in a privileged network position may be able to perform denial of service", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "smbx", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2020-10006", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "singi@theori working with Trend Micro Zero Day Initiative", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-10007", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-10008", "impact": "A malicious application with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "TCC", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Thijs Alkemade of Computest Research Division", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-10009", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "System Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Tommy Muir (@Muirey03)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2020-10010", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Logging", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-10011", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "Model I/O", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2020-10012", "impact": "Processing a maliciously crafted document may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Yu Wang of Didi Research America", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-10013", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850" ], "module": "Wi-Fi", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2020-10014", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-10015", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Alex Helie", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-10016", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Francis working with Trend Micro Zero Day Initiative, JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-10017", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Jeremy Evans", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-10663", "impact": "When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Hugo van der Sanden and Slaven Rezic", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-10878", "impact": "An integer overflow in the Perl regular expression compiler may allow a remote attacker to insert instructions into the compiled form of a regular expression", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Perl", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Catalina 10.15.2 and later" ], "credit": "Carlo Arenas", "description": "This issue was addressed by forbidding a newline character in any value passed via the credential protocol.", "id": "CVE-2020-11008", "impact": "A crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host", "links": [ "https://support.apple.com/en-us/HT211183" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11758", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11759", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11760", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11761", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11762", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11763", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11764", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "Multiple issues in openEXR were addressed with improved checks.", "id": "CVE-2020-11765", "impact": "Multiple buffer overflow issues existed in openEXR", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 8, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-12243", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "OpenLDAP", "rsr": "", "update": "September 21, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Sergey Aleynikov", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-12723", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Perl", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-13434", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-13435", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7", "macOS Mojave 10.14.6, macOS Catalina 10.15" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-13520", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT212011" ], "module": "Model I/O", "rsr": "", "update": "February 1, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-13524", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-13630", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-13631", "impact": "A maliciously crafted SQL query may lead to data corruption", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 8.44.", "id": "CVE-2020-14155", "impact": "Multiple issues in pcre", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "PCRE", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed with improved checks.", "id": "CVE-2020-15358", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211847", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-15969", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212007", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "pcsgomes", "description": "An issue existed in screen sharing. This issue was addressed with improved state management.", "id": "CVE-2020-27893", "impact": "A user with screen sharing access may be able to view another user's screen", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Screen Sharing", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Manuel Trezza of Shuggr (shuggr.com)", "description": "The issue was addressed with additional user controls.", "id": "CVE-2020-27894", "impact": "Users may be unable to remove metadata indicating where files were downloaded from", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "credit": "Sourav Newatia (linkedin.com/in/sourav-newatia-5b0848a8/)", "description": "An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.", "id": "CVE-2020-27895", "impact": "A malicious application may be able to access local users Apple IDs", "links": [ "https://support.apple.com/en-us/HT211933" ], "module": "Windows Security", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2020-27896", "impact": "A remote attacker may be able to modify the file system", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-27897", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Stephan Marais of University of Johannesburg", "description": "A denial of service issue was addressed with improved state handling.", "id": "CVE-2020-27898", "impact": "An attacker may be able to bypass Managed Frame Protection", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "08Tc3wBB working with ZecOps", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-27899", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "Symptom Framework", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Thijs Alkemade of Computest Research Division", "description": "An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic.", "id": "CVE-2020-27900", "impact": "A malicious application may be able to preview files it does not have access to", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "NSRemoteView", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Thijs Alkemade of Computest Research Division", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-27901", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "NSRemoteView", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Connor Ford (@connorford2)", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2020-27902", "impact": "A person with physical access to an iOS device may be able to access stored passwords without authentication", "links": [ "https://support.apple.com/en-us/HT211929" ], "module": "Keyboard", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2020-27903", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqong Security Lab", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2020-27904", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-27905", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "Multiple integer overflows were addressed with improved input validation.", "id": "CVE-2020-27906", "impact": "A remote attacker may be able to cause unexpected application termination or heap corruption", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative, Liu Long of Ant Security Light-Year Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-27907", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Intel Graphics Driver", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative, JunDong Xie and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-27908", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "CoreAudio", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative, JunDong Xie and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-27909", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "CoreAudio", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "JunDong Xie and XingWei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-27910", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "found by OSS-Fuzz", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2020-27911", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211933", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT212011" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-27912", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211933", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-27914", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-27915", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-27916", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "found by OSS-Fuzz", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-27917", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211933", "https://support.apple.com/en-us/HT211935" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "", "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-27918", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211933", "https://support.apple.com/en-us/HT211934", "https://support.apple.com/en-us/HT211935" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-27919", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "found by OSS-Fuzz", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-27920", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Linus Henze (pinauten.de)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2020-27921", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Mickey Jin of Trend Micro", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27922", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Lei Sun", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-27923", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Lei Sun", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-27924", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Nick Tangri", "description": "An issue existed in the handling of incoming calls. The issue was addressed with additional state checks.", "id": "CVE-2020-27925", "impact": "A user may answer two calls simultaneously without indication they have answered a second call", "links": [ "https://support.apple.com/en-us/HT211929" ], "module": "CallKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "found by OSS-Fuzz", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-27926", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT212011" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-27927", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "iPhone 5s, iPhone 6 and 6 Plus, iPad Air, iPad mini 2 and 3, iPod touch (6th generation)" ], "credit": "James P (@Jam_Penn)", "description": "A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.", "id": "CVE-2020-27929", "impact": "A user may send video in Group FaceTime calls without knowing that they have done so", "links": [ "https://support.apple.com/en-us/HT211940" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 5s, iPhone 6 and 6 Plus, iPad Air, iPad mini 2 and 3, iPod touch (6th generation)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Catalina 10.15.7", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-27930", "impact": "Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild.", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211940", "https://support.apple.com/en-us/HT211944", "https://support.apple.com/en-us/HT211945", "https://support.apple.com/en-us/HT211946", "https://support.apple.com/en-us/HT211947" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Big Sur 11.0.1" ], "credit": "Apple", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.", "id": "CVE-2020-27931", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "December 22, 2020" }, { "available": [ "Apple Watch Series 1 and later", "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 5s, iPhone 6 and 6 Plus, iPad Air, iPad mini 2 and 3, iPod touch (6th generation)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Catalina 10.15.7", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Google Project Zero", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2020-27932", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211940", "https://support.apple.com/en-us/HT211944", "https://support.apple.com/en-us/HT211945", "https://support.apple.com/en-us/HT211946", "https://support.apple.com/en-us/HT211947" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-27933", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "Lior Halphon (@LIJI32)", "description": "Multiple issues were addressed with improved logic.", "id": "CVE-2020-27935", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931" ], "module": "XNU", "rsr": "", "update": "December 17, 2020" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2020-27936", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "AMD", "rsr": "", "update": "February 1, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27937", "impact": "A malicious application may be able to access private information", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Directory Utility", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27938", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Power Management", "rsr": "", "update": "February 1, 2021" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-27939", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "December 22, 2020, updated February 1, 2021" }, { "available": [ "Apple TV version 5.1 and later" ], "credit": "Razvan Sima (0xraaz)", "description": "This issue was addressed with improved file handling.", "id": "CVE-2020-27940", "impact": "An attacker with file system access may modify scripts used by the app", "links": [ "https://support.apple.com/en-us/HT212197" ], "module": "Apple TV app", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "shrek_wzw", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2020-27941", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27942", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Big Sur 11.0.1" ], "credit": "Mateusz Jurczyk of Google Project Zero", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.", "id": "CVE-2020-27943", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "December 22, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Big Sur 11.0.1" ], "credit": "Mateusz Jurczyk of Google Project Zero", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.", "id": "CVE-2020-27944", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "December 22, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2020-27945", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "CFNetwork Cache", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Mateusz Jurczyk of Google Project Zero", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-27946", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative, Liu Long of Ant Security Light-Year Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-27947", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Graphics Drivers", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-27948", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Steffen Klee (@_kleest) of TU Darmstadt, Secure Mobile Networking Lab", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2020-27949", "impact": "A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 5s, iPhone 6 and 6 Plus, iPad Air, iPad mini 2 and 3, iPod touch (6th generation)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Catalina 10.15.7", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Google Project Zero", "description": "A memory initialization issue was addressed.", "id": "CVE-2020-27950", "impact": "A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild.", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211940", "https://support.apple.com/en-us/HT211944", "https://support.apple.com/en-us/HT211945", "https://support.apple.com/en-us/HT211946", "https://support.apple.com/en-us/HT211947" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and Apple Watch Series 2", "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Apple", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-27951", "impact": "Unauthorized code execution may lead to an authentication policy violation", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212004", "https://support.apple.com/en-us/HT212006", "https://support.apple.com/en-us/HT212009" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "an anonymous researcher, Mickey Jin and Junzhi Lu of Trend Micro", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-27952", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-29608", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29610", "impact": "Processing a maliciously crafted audio file may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "Audio", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Big Sur 11.0.1" ], "credit": "Alexandru-Vlad Niculae working with Google Project Zero", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-29611", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "December 17, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-29612", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-29613", "impact": "An enterprise application installation prompt may display the wrong domain", "links": [ "https://support.apple.com/en-us/HT212003" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "ZhiWei Sun(@5n1p3r0010) of Topsec Alpha Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-29614", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212011" ], "module": "Model I/O", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29615", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "zhouat working with Trend Micro Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-29616", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29617", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29618", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29619", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2020-29620", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-29621", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Simon Hunt of OvalTwo LTD", "description": "\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion.", "id": "CVE-2020-29623", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212011" ], "module": "WebKit Storage", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Big Sur 11.0.1" ], "credit": "Mateusz Jurczyk of Google Project Zero", "description": "A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.", "id": "CVE-2020-29624", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "December 22, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "XingWei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-29625", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "ImageIO", "rsr": "", "update": "December 22, 2020, updated February 1, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29629", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "October 25, 2021" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Jewel Lambert of Original Spin, LLC.", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2020-29633", "impact": "An attacker in a privileged network position may be able to bypass authentication policy", "links": [ "https://support.apple.com/en-us/HT212011" ], "module": "Login Window", "rsr": "", "update": "February 1, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mickey Jin & Qi Sun of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-29639", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-36521", "impact": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211846", "https://support.apple.com/en-us/HT211847", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211952" ], "module": "ImageIO", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Peter Nguyen Hoang Vu (@peternguyen14) of STAR Labs", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-36615", "impact": "Processing a maliciously crafted font may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "May 11, 2023" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Przemys\u0142aw Sporysz of Euvic", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2020-3825", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3826", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3827", "impact": "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2020-3828", "impact": "A person with physical access to an iOS device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Ian Beer of Google Project Zero", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-3829", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Csaba Fitzl (@theevilbit)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2020-3830", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Chilik Tamir of Zimperium zLabs, Corellium, Proteas of Qihoo 360 Nirvan Team", "description": "A race condition was addressed with improved locking.", "id": "CVE-2020-3831", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Kernel", "rsr": "", "update": "March 19, 2020" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2020-3833", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT210922" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc, Luyi Xing of Indiana University Bloomington", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-3834", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Csaba Fitzl (@theevilbit)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2020-3835", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Brandon Azad of Google Project Zero", "description": "An access issue was addressed with improved memory management.", "id": "CVE-2020-3836", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.2" ], "credit": "Brandon Azad of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3837", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Dayton Pidhirney (@_watbulb)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2020-3838", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "wifivelocityd", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.2" ], "credit": "s0ngsari of Theori and Lee of Seoul National University working with Trend Micro's Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2020-3839", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.2" ], "credit": "@littlelailo", "description": "An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking.", "id": "CVE-2020-3840", "impact": "Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920" ], "module": "IPSec", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Sebastian Bicchi (@secresDoge) from Sec-Research", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2020-3841", "impact": "A local user may unknowingly send a password unencrypted over the network", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210922" ], "module": "Safari Login AutoFill", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Ned Williamson working with Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3842", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3843", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT211169", "https://support.apple.com/en-us/HT211176" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ayden Panhuyzen (@aydenpanhuyzen) and Jamie Bishop (@jamiebishop123) of Dynastic, Lance Rodgers of Oxon Hill High School", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-3844", "impact": "Users removed from an iMessage conversation may still be able to alter state", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Messages", "rsr": "", "update": "January 29, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3845", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Ranier Vilela", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2020-3846", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3847", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "CoreBluetooth", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3848", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "CoreBluetooth", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3849", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "CoreBluetooth", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3850", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "CoreBluetooth", "rsr": "", "update": "February 3, 2020" }, { "available": [ "macOS Catalina 10.15.2", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-3851", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT211100" ], "module": "IOThunderboltFamily", "rsr": "", "update": "" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-3852", "impact": "A URL scheme may be incorrectly ignored when determining multimedia permission for a website", "links": [ "https://support.apple.com/en-us/HT210922" ], "module": "Safari", "rsr": "", "update": "February 6, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Brandon Azad of Google Project Zero", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2020-3853", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.2" ], "credit": "Jakob Rieck (@0xdead10cc) and Maximilian Blochberger of the Security in Distributed Systems Group of University of Hamburg", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-3854", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Security", "rsr": "", "update": "February 3, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6" ], "credit": "Csaba Fitzl (@theevilbit)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2020-3855", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "files", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3856", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.2" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3857", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc, Luyi Xing of Indiana University Bloomington", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3858", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Andrew Gonzalez, Simone PC", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2020-3859", "impact": "A person with physical access to an iOS device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Messages", "rsr": "", "update": "January 29, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3860", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Windows 7 and later" ], "credit": "Andrea Pierini (@decoder_it), Christian Danieli (@padovah4ck)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2020-3861", "impact": "A user may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT210923" ], "module": "Mobile Device Service", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Srikanth Gatta of Google Chrome", "description": "A denial of service issue was addressed with improved memory handling.", "id": "CVE-2020-3862", "impact": "A malicious website may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.2" ], "credit": "James Hutchins", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3863", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "crontab", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-3864", "impact": "A DOM object context may not have had a unique security origin", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit Page Loading", "rsr": "", "update": "February 11, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-3865", "impact": "A top-level DOM object context may have incorrectly been considered secure", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit Page Loading", "rsr": "", "update": "February 11, 2020" }, { "available": [ "macOS Catalina 10.15.2" ], "credit": "Jose Castro Almeida (@HackerOn2Wheels) and Ren\u00e9 Kroka (@rene_kroka)", "description": "This was addressed with additional checks by Gatekeeper on files mounted through a network share.", "id": "CVE-2020-3866", "impact": "Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "autofs", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-3867", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Marcin Towalski of Cisco Talos", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2020-3868", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210922", "https://support.apple.com/en-us/HT210923", "https://support.apple.com/en-us/HT210947", "https://support.apple.com/en-us/HT210948" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Elisa Lee", "description": "An issue existed in the handling of the local user's self-view. The issue was corrected with improved logic.", "id": "CVE-2020-3869", "impact": "A remote FaceTime user may be able to cause the local user's camera self-view to display the incorrect camera", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3870", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "ImageIO", "rsr": "", "update": "April 4, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Corellium", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3871", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.2" ], "credit": "Haakon Garseg M\u00f8rk of Cognite and Cim Stordal of Cognite", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-3872", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Alexander Heinrich (@Sn0wfreeze) of Technische Universit\u00e4t Darmstadt, Hudson Pridham of Bridgeable, Stuart Chapman", "description": "This issue was addressed with improved setting propagation.", "id": "CVE-2020-3873", "impact": "Turning off \"Load remote content in messages\u201d may not apply to all mail previews", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Mail", "rsr": "", "update": "March 19, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Nicolas Luckie of Durham College", "description": "An issued existed in the naming of screenshots. The issue was corrected with improved naming.", "id": "CVE-2020-3874", "impact": "Screenshots of the Messages app may reveal additional message content", "links": [ "https://support.apple.com/en-us/HT210918" ], "module": "Screenshots", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2" ], "credit": "Brandon Azad of Google Project Zero", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2020-3875", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "macOS Catalina 10.15.2" ], "credit": "an anonymous researcher working with Trend Micro's Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3877", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210921" ], "module": "AnnotationKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3878", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921", "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.2" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3880", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT210918", "https://support.apple.com/en-us/HT210919", "https://support.apple.com/en-us/HT210920", "https://support.apple.com/en-us/HT210921" ], "module": "ImageIO", "rsr": "", "update": "April 4, 2020" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Yuval Ron, Amichai Shulman and Eli Biham of Technion - Israel Institute of Technology", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-3881", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Andy Grant of NCC Group", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-3882", "impact": "Importing a maliciously crafted calendar invitation may exfiltrate user information", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Linus Henze (pinauten.de)", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-3883", "impact": "An application may be able to use arbitrary entitlements", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Apple", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2020-3884", "impact": "A remote attacker may be able to cause arbitrary javascript code execution", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-3885", "impact": "A file URL may be incorrectly processed", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Proteas", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-3886", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Intel Graphics Driver", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-3887", "impact": "A download's origin may be incorrectly associated", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Darren Jones of Dappological Ltd.", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-3888", "impact": "A maliciously crafted page may interfere with other web contexts", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Web App", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Lasse Trolle Borup of Danish Cyber Defence", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-3889", "impact": "A local user may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved deletion.", "id": "CVE-2020-3890", "impact": "Deleted messages groups may still be suggested as an autocompletion", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Messages Composition", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Peter Scott", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-3891", "impact": "A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled", "links": [ "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3892", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3893", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A race condition was addressed with additional validation.", "id": "CVE-2020-3894", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "grigoritchy", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3895", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Christoph Falta", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2020-3896", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "iTunes", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Brendan Draper (@6r3nd4n) working with Trend Micro\u2019s Zero Day Initiative", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2020-3897", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Stephan Zeisberg (github.com/stze) of Security Research Labs (srlabs.de)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2020-3898", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "CUPS", "rsr": "", "update": "April 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "found by OSS-Fuzz", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2020-3899", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Dongzhuo Zhao working with ADLab of Venustech", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3900", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Benjamin Randazzo (@____benjamin)", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2020-3901", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2020-3902", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-3903", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Apple HSSPI Support", "rsr": "", "update": "May 1, 2020" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues were addressed with improved state management.", "id": "CVE-2020-3904", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-3905", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "Patrick Wardle of Jamf", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-3906", "impact": "A maliciously crafted application may be able to bypass code signing enforcement", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3907", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "September 21, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3908", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "LGTM.com", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2020-3909", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "LGTM.com", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2020-3910", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "found by OSS-Fuzz", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2020-3911", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-3912", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Timo Christ of Avira Operations GmbH & Co. KG", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2020-3913", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3" ], "credit": "pattern-f (@pattern_F_) of WaCai", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-3914", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "An anonymous researcher working with iDefense Labs (https://vcp.idefense.com/), HyungSeok Han (DaramG) @Theori working with TrendMicro\u2019s Zero Day Initiative", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2020-3915", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Printing", "rsr": "", "update": "May 1, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Vitaliy Alekseev (@villy21)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2020-3916", "impact": "Setting an alternate app icon may disclose a photo without needing permission to access photos", "links": [ "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Icons", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Steven Troughton-Smith (@stroughtonsmith)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2020-3917", "impact": "An application may be able to use an SSH client provided by private frameworks", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "ActionKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "an anonymous researcher, Augusto Alvarez of Outcourse Limited", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2020-3918", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Sandbox", "rsr": "", "update": "May 1, 2020, updated May 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Alex Plaskett of F-Secure Consulting", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-3919", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "IOHIDFamily", "rsr": "", "update": "May 21, 2020" }, { "available": [ "macOS Catalina 10.15.2 and later" ], "credit": "Felix Wilhelm of Google Project Zero", "description": "This issue was addressed by forbidding a newline character in any value passed via the credential protocol.", "id": "CVE-2020-5260", "impact": "A crafted git URL that contains a newline in it may cause credential information to be provided for the wrong host", "links": [ "https://support.apple.com/en-us/HT211141" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-6147", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211850" ], "module": "Model I/O", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "natashenka of Google Project Zero", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-6514", "impact": "An attacker in a privileged network position may be able to cause heap corruption via a crafted SCTP stream", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292" ], "module": "WebRTC", "rsr": "", "update": "September 21, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "J\u00f6rn Tillmanns (@matedealer) and Jiska Classen (@naehrdine) of Secure Mobile Networking Lab", "description": "An issue existed with the use of a PRNG with low entropy. This issue was addressed with improved state management.", "id": "CVE-2020-6616", "impact": "An attacker in a privileged network position may be able to intercept Bluetooth traffic", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211168" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9768", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Steve Hahn of LinkedIn", "description": "Multiple issues were addressed by updating to version 8.1.1850.", "id": "CVE-2020-9769", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Jianliang Wu of PurSec Lab of Purdue University, Xinwen Fu and Yue Zhang of the University of Central Florida", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9770", "impact": "An attacker in a privileged network position may be able to intercept Bluetooth traffic", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3", "macOS Mojave 10.14.6" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2020-9771", "impact": "A user may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211170" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Allison Husain of UC Berkeley", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9772", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103", "https://support.apple.com/en-us/HT211170" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Chilik Tamir of Zimperium zLabs", "description": "The issue was addressed with improved handling of icon caches.", "id": "CVE-2020-9773", "impact": "A malicious application may be able to identify what other applications a user has installed", "links": [ "https://support.apple.com/en-us/HT211850" ], "module": "Icons", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.2" ], "credit": "Bob Gendler of the National Institute of Standards and Technology", "description": "An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data.", "id": "CVE-2020-9774", "impact": "Encrypted data may be inappropriately accessed", "links": [ "https://support.apple.com/en-us/HT210919" ], "module": "Found in Apps", "rsr": "", "update": "July 28, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Andrian (@retroplasma), Marat Turaev, Marek Wawro (futurefinance.com) and Sambor Wawro of STO64 School Krakow Poland", "description": "An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling.", "id": "CVE-2020-9775", "impact": "A user's private browsing activity may be unexpectedly saved in Screen Time", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211102" ], "module": "Safari", "rsr": "", "update": "May 1, 2020" }, { "available": [ "macOS Catalina 10.15.3" ], "credit": "Benjamin Randazzo (@____benjamin)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2020-9776", "impact": "A malicious application may be able to access a user's call history", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Call History", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "", "description": "An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video.", "id": "CVE-2020-9777", "impact": "Cropped videos may not be shared properly via Mail", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Mail Attachments", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9779", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211170" ], "module": "Bluetooth", "rsr": "", "update": "September 21, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "an anonymous researcher, Dimitris Chaintinis", "description": "The issue was resolved by clearing application previews when content is deleted.", "id": "CVE-2020-9780", "impact": "A local user may be able to view deleted content in the app switcher", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)", "description": "The issue was addressed by clearing website permission prompts after navigation.", "id": "CVE-2020-9781", "impact": "A user may grant website permissions to a site they didn't intend to", "links": [ "https://support.apple.com/en-us/HT211102" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Apple", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9783", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211104", "https://support.apple.com/en-us/HT211105", "https://support.apple.com/en-us/HT211106", "https://support.apple.com/en-us/HT211107" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ruilin Yang of Tencent Security Xuanwu Lab, Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9784", "impact": "A malicious iframe may use another website\u2019s download settings", "links": [ "https://support.apple.com/en-us/HT211104" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Proteas of Qihoo 360 Nirvan Team", "description": "Multiple memory corruption issues were addressed with improved state management.", "id": "CVE-2020-9785", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)", "description": "This issue was addressed with improved checks", "id": "CVE-2020-9786", "impact": "An application may be able to trigger a sysdiagnose", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "sysdiagnose", "rsr": "", "update": "April 4, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9787", "impact": "Some websites may not have appeared in Safari Preferences", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211101", "https://support.apple.com/en-us/HT211102", "https://support.apple.com/en-us/HT211103" ], "module": "WebKit", "rsr": "", "update": "May 1, 2020" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2020-9788", "impact": "A file may be incorrectly rendered to execute JavaScript", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Security", "rsr": "", "update": "July 15, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Wenchao Li of VARAS@IIE", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9789", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Xingwei Lin of Ant-financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9790", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9791", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Andy Davis of NCC Group", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2020-9792", "impact": "A USB device may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170" ], "module": "USB Audio", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9793", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Python", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9794", "impact": "A malicious application may cause a denial of service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9795", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "ABC Research s.r.o.", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2020-9796", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Intel Graphics Driver", "rsr": "", "update": "July 28, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "an anonymous researcher", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2020-9797", "impact": "A malicious application may be able to determine another application's memory layout", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "ABC Research s.r.o.", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9799", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Graphics Drivers", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2020-9800", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9801", "impact": "A malicious process may cause Safari to launch an application", "links": [ "https://support.apple.com/en-us/HT211177" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9802", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Wen Xu of SSLab at Georgia Tech", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2020-9803", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Andy Davis of NCC Group", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9804", "impact": "Inserting a USB device that sends invalid messages may cause a kernel panic", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "AppleUSBNetworking", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9805", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Wen Xu of SSLab at Georgia Tech", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9806", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Wen Xu of SSLab at Georgia Tech", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9807", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Xinru Chi and Tielei Wang of Pangu Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9808", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Benjamin Randazzo (@____benjamin)", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-9809", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Francis @francisschmaltz", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9810", "impact": "A person with physical access to a Mac may be able to bypass Login Window", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Software Update", "rsr": "", "update": "July 15, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.4" ], "credit": "Tielei Wang of Pangu Lab", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-9811", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.4" ], "credit": "derrek (@derrekr6)", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-9812", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Xinru Chi of Pangu Lab", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2020-9813", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Xinru Chi and Tielei Wang of Pangu Lab", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2020-9814", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9815", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9816", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Andy Grant of NCC Group", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2020-9817", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "ZecOps.com", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9818", "impact": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211169", "https://support.apple.com/en-us/HT211175" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "ZecOps.com", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2020-9819", "impact": "Processing a maliciously crafted mail message may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211169", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211176" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Thijs Alkemade of Computest", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9820", "impact": "A remote attacker may be able to modify the file system", "links": [ "https://support.apple.com/en-us/HT211168" ], "module": "File System", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Xinru Chi and Tielei Wang of Pangu Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9821", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "ABC Research s.r.o", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9822", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Suryansh Mansharamani, student of Community Middle School, Plainsboro, New Jersey", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9823", "impact": "Users removed from an iMessage conversation may still be able to alter state", "links": [ "https://support.apple.com/en-us/HT211168" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "@jamestraynor, Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9824", "impact": "A non-privileged user may be able to modify restricted network settings", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "SIP", "rsr": "", "update": "June 10, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Sreejith Krishnan R (@skr0x1C0)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2020-9825", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Dor Hadad of Palo Alto Networks", "description": "A denial of service issue was addressed with improved input validation.", "id": "CVE-2020-9826", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170" ], "module": "AirDrop", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Jannik Lorenz of SEEMOO @ TU Darmstadt", "description": "A denial of service issue was addressed with improved input validation.", "id": "CVE-2020-9827", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.3", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9828", "impact": "A remote attacker may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211170" ], "module": "CoreBluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.3" ], "credit": "Aaron Perris (@aaronp613), an anonymous researcher, an anonymous researcher, Carlos S Tech, Sam Menzies of Sam\u2019s Lounge, Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan Rathor of Arabic-Classroom.com", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2020-9829", "impact": "Processing a maliciously crafted text message may lead to application denial of service", "links": [ "https://support.apple.com/en-us/HT211100", "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Tielei Wang of Pangu Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9830", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9831", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Yu Wang of Didi Research America", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9832", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Yu Wang of Didi Research America", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-9833", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9834", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Olivier Levesque (@olilevesque)", "description": "An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic.", "id": "CVE-2020-9835", "impact": "A user\u2019s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing", "links": [ "https://support.apple.com/en-us/HT211168" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Catalina 10.15.4" ], "credit": "Thijs Alkemade of Computest", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9837", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171" ], "module": "IPSec", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9838", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2020-9839", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "System Preferences", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.4" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2020-9841", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Catalina 10.15.4" ], "credit": "Linus Henze (pinauten.de)", "description": "An entitlement parsing issue was addressed with improved parsing.", "id": "CVE-2020-9842", "impact": "A malicious application could interact with system processes to access private information and perform privileged actions", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2020-9843", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Ian Beer of Google Project Zero", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2020-9844", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.4" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud (bugcloud.360.cn)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9847", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation" ], "credit": "Nima", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2020-9848", "impact": "A person with physical access to an iOS device may be able to view notification contents from the lockscreen", "links": [ "https://support.apple.com/en-us/HT211168" ], "module": "Notifications", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-9849", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9850", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211177", "https://support.apple.com/en-us/HT211178", "https://support.apple.com/en-us/HT211179", "https://support.apple.com/en-us/HT211181" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "an anonymous researcher, Linus Henze (pinauten.de)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2020-9851", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "PackageKit", "rsr": "", "update": "July 15, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4" ], "credit": "Tao Huang and Tielei Wang of Pangu Lab", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2020-9852", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2020-9853", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211100" ], "module": "Bluetooth", "rsr": "", "update": "May 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Ilias Morad (A2nkF)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-9854", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211289" ], "module": "Security", "rsr": "", "update": "July 24, 2020" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "Zhongcheng Li(CK01) of Topsec Alpha Team", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2020-9855", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4" ], "credit": "@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9856", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "CVMS", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6" ], "credit": "Dlive of Tencent Security Xuanwu Lab", "description": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation.", "id": "CVE-2020-9857", "impact": "A malicious website may be able to exfiltrate autofilled data in Safari", "links": [ "https://support.apple.com/en-us/HT211170" ], "module": "NSURL", "rsr": "", "update": "" }, { "available": [ "macOS Catalina" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A dynamic library loading issue was addressed with improved path searching.", "id": "CVE-2020-9858", "impact": "Running the installer in an untrusted directory may result in arbitrary code execution", "links": [ "https://support.apple.com/103794" ], "module": "Windows Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "unc0ver", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2020-9859", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211214", "https://support.apple.com/en-us/HT211215", "https://support.apple.com/en-us/HT211216", "https://support.apple.com/en-us/HT211217" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "A custom URL scheme handling issue was addressed with improved input validation.", "id": "CVE-2020-9860", "impact": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution", "links": [ "https://support.apple.com/en-us/HT210922" ], "module": "Safari", "rsr": "", "update": "June 25, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ophir Lojkine (@lovasoa)", "description": "A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.", "id": "CVE-2020-9862", "impact": "Copying a URL from Web Inspector may lead to command injection", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xinru Chi of Pangu Lab", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-9863", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Alexander Holodny", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9864", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2020-9865", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "macOS High Sierra 10.13.6" ], "credit": "Yu Zhou of \u5c0f\u9e21\u5e2e and Jundong Xie of Ant-Financial Light-Year Security Lab", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2020-9866", "impact": "A buffer overflow may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Brian Wolff of Asana", "description": "A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation.", "id": "CVE-2020-9868", "impact": "An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Security", "rsr": "", "update": "July 24, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Patrick Wardle of Jamf", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-9869", "impact": "A remote attacker may cause an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Core Bluetooth", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-9870", "impact": "Clang may generate machine code that does not correctly enforce pointer authentication codes", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Clang", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9871", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9872", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9873", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9874", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Mickey Jin of Trend Micro", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2020-9875", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Mickey Jin of Trend Micro", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9876", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295", "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9877", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Aleksandar Nikolic of Cisco Talos, Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9878", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9879", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2020-9880", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9881", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9882", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "an anonymous researcher, Mickey Jin of Trend Micro", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-9883", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295", "https://support.apple.com/en-us/HT211931" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Yu Zhou(@yuzhou6666) of \u5c0f\u9e21\u5e2e working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9884", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Audio", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "an anonymous researcher, Suryansh Mansharamani of WWP High School North (medium.com/@suryanshmansha)", "description": "An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification.", "id": "CVE-2020-9885", "impact": "A user that is removed from an iMessage group could rejoin the group", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Mickey Jin of Trend Micro", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9887", "impact": "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Image Processing", "rsr": "", "update": "September 8, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "JunDong Xie and Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9888", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Audio", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Anonymous working with Trend Micro\u2019s Zero Day Initiative, JunDong Xie and Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9889", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Audio", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "JunDong Xie and Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9890", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Audio", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "JunDong Xie and Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9891", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Audio", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Andy Nguyen of Google", "description": "Multiple memory corruption issues were addressed with improved state management.", "id": "CVE-2020-9892", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "0011 working with Trend Micro Zero Day Initiative", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9893", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "0011 working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9894", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Wen Xu of SSLab, Georgia Tech", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9895", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later" ], "credit": "S.Y. of ZecOps Mobile XDR, an anonymous researcher", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2020-9897", "impact": "Processing a maliciously crafted PDF may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211931" ], "module": "CoreGraphics", "rsr": "", "update": "October 25, 2021" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Sreejith Krishnan R (@skr0x1C0)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2020-9898", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289" ], "module": "WebDAV", "rsr": "", "update": "September 8, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9899", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Wi-Fi", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Cees Elzinga, Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.", "id": "CVE-2020-9900", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Crash Reporter", "rsr": "", "update": "August 5, 2020, updated December 17, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan, Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.", "id": "CVE-2020-9901", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290" ], "module": "sysdiagnose", "rsr": "", "update": "August 5, 2020, updated August 31, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Xinru Chi and Tielei Wang of Pangu Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9902", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "August 5, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9903", "impact": "A malicious attacker may cause Safari to suggest a password for the wrong domain", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211292" ], "module": "Safari Login AutoFill", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Tielei Wang of Pangu Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9904", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Raz Mashat (@RazMashat) of ZecOps", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2020-9905", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290" ], "module": "Kernel", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9906", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Wi-Fi", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "08Tc3wBB working with ZecOps", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2020-9907", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290" ], "module": "AVEVideoEncoder", "rsr": "", "update": "July 24, 2020, updated August 31, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Junzhi Lu(@pwn0rz) working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9908", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Intel Graphics Driver", "rsr": "", "update": "July 24, 2020, updated August 31, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Brandon Azad of Google Project Zero", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9909", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "Multiple issues were addressed with improved logic.", "id": "CVE-2020-9910", "impact": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9911", "impact": "An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211292" ], "module": "Safari Reader", "rsr": "", "update": "" }, { "available": [ "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9912", "impact": "A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode", "links": [ "https://support.apple.com/en-us/HT211292" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "Cody Thomas of SpecterOps", "description": "This issue was addressed with improved data protection.", "id": "CVE-2020-9913", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Andy Davis of NCC Group", "description": "An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.", "id": "CVE-2020-9914", "impact": "An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290" ], "module": "iAP", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Ayoub AIT ELMOKHTAR of Noon", "description": "An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.", "id": "CVE-2020-9915", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "Rakesh Mane (@RakeshMane10)", "description": "A URL Unicode encoding issue was addressed with improved state management.", "id": "CVE-2020-9916", "impact": "A malicious attacker may be able to conceal the destination of a URL", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit Page Loading", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Pradeep Deokate of Harman, Stefan B\u00f6hrer at Daimler AG, proofnet.de", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9917", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211288" ], "module": "Wi-Fi", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9918", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Mickey Jin of Trend Micro", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9919", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "YongYue Wang AKA BigChan of Hillstone Networks AF Team", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2020-9920", "impact": "A malicious mail server may overwrite arbitrary mail files", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Mail", "rsr": "", "update": "July 24, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-9921", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Intel Graphics Driver", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_) of SensorFu", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9922", "impact": "Processing a maliciously crafted email may lead to writing arbitrary files", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Mail", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Proteas", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-9923", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Matt DeVore of Google", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9924", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Kernel", "rsr": "", "update": "July 24, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9925", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.5" ], "credit": "Found by OSS-Fuzz", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9926", "impact": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "libxml2", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Lilang Wu working with TrendMicro\u2019s Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2020-9927", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "AMD", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "Yu Wang of Didi Research America", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2020-9928", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Bluetooth", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Yu Wang of Didi Research America", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2020-9929", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Bluetooth", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Zhiyi Zhang from Codesafe Team of Legendsec at Qi'anxin Group", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9930", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Sandbox", "rsr": "", "update": "December 15, 2020" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab", "description": "A denial of service issue was addressed with improved input validation.", "id": "CVE-2020-9931", "impact": "A remote attacker may cause an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT211288" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2020-9933", "impact": "A malicious application may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "GeoServices", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Matt Shockley (linkedin.com/in/shocktop)", "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", "id": "CVE-2020-9934", "impact": "A local user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289" ], "module": "CoreFoundation", "rsr": "", "update": "August 5, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9935", "impact": "A user may be unexpectedly logged in to another user\u2019s account", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Login Window", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Mickey Jin of Trend Micro", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9936", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9937", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9938", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 21, 2020" }, { "available": [ "macOS Catalina 10.15.5" ], "credit": "@jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro\u2019s Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9939", "impact": "A local user may be able to load unsigned kernel extensions", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Sandbox", "rsr": "", "update": "August 5, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9940", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS High Sierra 10.13.6" ], "credit": "Fabian Ising of FH M\u00fcnster University of Applied Sciences and Damian Poddebniak of FH M\u00fcnster University of Applied Sciences", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9941", "impact": "A remote attacker may be able to unexpectedly alter application state", "links": [ "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Mojave and macOS High Sierra, and included in macOS Catalina" ], "credit": "an anonymous researcher, Rahul d Kankrale (servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho (@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2020-9942", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT211292", "https://support.apple.com/en-us/HT211931" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9943", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9944", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Catalina and macOS Mojave" ], "credit": "Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2020-9945", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211934" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Daniel Larsson of iolight AB", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9946", "impact": "The screen lock may not engage after the specified time period", "links": [ "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave, and included in macOS Big Sur" ], "credit": "cc working with Trend Micro Zero Day Initiative", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9947", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina and macOS Mojave" ], "credit": "Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2020-9948", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211845" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Proteas", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9949", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "CoreCapture", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave, and included in macOS Big Sur" ], "credit": "cc working with Trend Micro Zero Day Initiative", "description": "Processing maliciously crafted web content may lead to arbitrary code execution.", "id": "CVE-2020-9950", "impact": "A use after free issue was addressed with improved memory management", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "WebKit", "rsr": "", "update": "July 21, 2021" }, { "available": [ "", "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave, and included in macOS Big Sur" ], "credit": "Marcin 'Icewall' Noga of Cisco Talos", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9951", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2020-9952", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211846", "https://support.apple.com/en-us/HT211847", "https://support.apple.com/en-us/HT211850" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15" ], "credit": "Francis working with Trend Micro Zero Day Initiative, JunDong Xie of Ant Group Light-Year Security Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9954", "impact": "Playing a malicious audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850" ], "module": "CoreAudio", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mickey Jin of Trend Micro, Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9955", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "ImageIO", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Mickey Jin and Junzhi Lu of Trend Micro Mobile Security Research Team working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9956", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9958", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT211850" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher, an anonymous researcher, an anonymous researcher, an anonymous researcher, an anonymous researcher, an anonymous researcher, Andrew Goldberg The University of Texas at Austin, McCombs School of Business, Meli\u0307h Kerem G\u00fcne\u015f of Li\u0307v College, Sinan Gulguler", "description": "A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management.", "id": "CVE-2020-9959", "impact": "A person with physical access to an iOS device may be able to view notification contents from the lockscreen", "links": [ "https://support.apple.com/en-us/HT211850" ], "module": "Siri", "rsr": "", "update": "December 15, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "JunDong Xie and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9960", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "CoreAudio", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9961", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2020-9962", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of icon caches.", "id": "CVE-2020-9963", "impact": "A malicious app may be able to determine the existence of files on the computer", "links": [ "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mohamed Ghannam (@_simo36), Tommy Muir (@Muirey03)", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2020-9964", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT211850" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Proteas", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9965", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Proteas", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9966", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Alex Plaskett (@alexjplaskett)", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2020-9967", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Adam Chester(@_xpn_) of TrustedSec", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2020-9968", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850" ], "module": "Sandbox", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2020-9969", "impact": "A local user may be able to view senstive user information", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2020-9971", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "libxpc", "rsr": "", "update": "December 14, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9972", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212011" ], "module": "Model I/O", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-9973", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850" ], "module": "Model I/O", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPod touch (7th generation), iPad Air 2 and later, and iPad mini 4 and later", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Tommy Muir (@Muirey03)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9974", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT211928", "https://support.apple.com/en-us/HT211929", "https://support.apple.com/en-us/HT211930", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Tielei Wang of Pangu Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9975", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Rias A. Sherzad of JAIDE GmbH in Hamburg, Germany", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9976", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850" ], "module": "Keyboard", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Josh Parnham (@joshparnham)", "description": "A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.", "id": "CVE-2020-9977", "impact": "A malicious application may be able to determine a user's open tabs in Safari", "links": [ "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana University Bloomington, Yan Jia of Xidian University and University of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University of Science and Technology", "description": "This issue was addressed with improved setting propagation.", "id": "CVE-2020-9978", "impact": "An attacker in a privileged network position may be able to unexpectedly alter application state", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT212011" ], "module": "HomeKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "CodeColorist of LightYear Security Lab of AntGroup", "description": "A trust issue was addressed by removing a legacy API.", "id": "CVE-2020-9979", "impact": "An attacker may be able to misuse a trust relationship to download malicious content", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211850" ], "module": "Assets", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.5" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9980", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291" ], "module": "FontParser", "rsr": "", "update": "September 21, 2020, updated October 19, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15" ], "credit": "found by OSS-Fuzz", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9981", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211849", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "Pratik B. R", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2020-9982", "impact": "A malicious application may be able to leak a user's credentials", "links": [ "https://support.apple.com/en-us/HT211898" ], "module": "Apple Music", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave" ], "credit": "zhunki", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-9983", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-9984", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211290", "https://support.apple.com/en-us/HT211291", "https://support.apple.com/en-us/HT211293", "https://support.apple.com/en-us/HT211294", "https://support.apple.com/en-us/HT211295" ], "module": "ImageIO", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.5" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2020-9985", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211288", "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Model I/O", "rsr": "", "update": "September 21, 2020" }, { "available": [ "macOS Catalina 10.15" ], "credit": "Tim Kornhuber, Milan Stute and Alexander Heinrich of TU Darmstadt, Secure Mobile Networking Lab", "description": "A file access issue existed with certain home folder files. This was addressed with improved access restrictions.", "id": "CVE-2020-9986", "impact": "A malicious application may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT211849" ], "module": "Find My", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "macOS Catalina and macOS Mojave, and included in macOS Big Sur" ], "credit": "Rafay Baloch (cybercitadel.com) of Cyber Citadel", "description": "Visiting a malicious website may lead to address bar spoofing.", "id": "CVE-2020-9987", "impact": "An inconsistent user interface issue was addressed with improved state management", "links": [ "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211931" ], "module": "Safari", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "William Breuer of the Netherlands", "description": "The issue was addressed with improved deletion.", "id": "CVE-2020-9988", "impact": "A local user may be able to discover a user\u2019s deleted messages", "links": [ "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "von Brunn Media", "description": "The issue was addressed with improved deletion.", "id": "CVE-2020-9989", "impact": "A local user may be able to discover a user\u2019s deleted messages", "links": [ "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5" ], "credit": "ABC Research s.r.l. working with Trend Micro Zero Day Initiative, ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "A race condition was addressed with additional validation.", "id": "CVE-2020-9990", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT211289" ], "module": "Intel Graphics Driver", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-9991", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211846", "https://support.apple.com/en-us/HT211847", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.4 and later" ], "credit": "Dany Lisiansky (@DanyL931), Nikias Bassen of Zimperium zLabs", "description": "This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7.", "id": "CVE-2020-9992", "impact": "An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network", "links": [ "https://support.apple.com/en-us/HT211848", "https://support.apple.com/en-us/HT211850" ], "module": "IDE Device Support", "rsr": "", "update": "September 17, 2020" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina and macOS Mojave, and included in macOS Big Sur" ], "credit": "Masato Sugiyama (@smasato) of University of Tsukuba, Piotr Duszynski", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2020-9993", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211845", "https://support.apple.com/en-us/HT211850" ], "module": "Safari", "rsr": "", "update": "November 12, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 1 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation", "macOS Catalina 10.15.4", "macOS Mojave 10.14.6, macOS High Sierra 10.13.6" ], "credit": "Apple", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2020-9994", "impact": "A malicious application may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT211168", "https://support.apple.com/en-us/HT211170", "https://support.apple.com/en-us/HT211171", "https://support.apple.com/en-us/HT211175", "https://support.apple.com/en-us/HT211289" ], "module": "libxpc", "rsr": "", "update": "September 21, 2020" }, { "available": [ "macOS Big Sur" ], "credit": "Rajpal Arora (@whacktohack), Rohan Sharma (r0hanSH)", "description": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation.", "id": "CVE-2020-9995", "impact": "Processing a maliciously crafted URL may lead to an open redirect or cross site scripting", "links": [ "https://support.apple.com/en-us/HT211932" ], "module": "Profile Manager", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and Mickey Jin of Trend Micro", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-9996", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 1 and later", "macOS Catalina 10.15.5" ], "credit": "Catalin Valeriu Lita of SecurityScorecard", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2020-9997", "impact": "A malicious application may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT211289", "https://support.apple.com/en-us/HT211291" ], "module": "Kernel", "rsr": "", "update": "September 21, 2020" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)", "Windows 10 and later via the Microsoft Store", "Windows 7 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-9999", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211843", "https://support.apple.com/en-us/HT211844", "https://support.apple.com/en-us/HT211850", "https://support.apple.com/en-us/HT211931", "https://support.apple.com/en-us/HT211935", "https://support.apple.com/en-us/HT211952" ], "module": "CoreText", "rsr": "", "update": "December 15, 2020" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Yuval Ron, Amichai Shulman, and Eli Biham of Technion - Israel Institute of Technology", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2021-1755", "impact": "A person with physical access to an iOS device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Siri", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Mickey Jin and Qi Sun of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2021-1775", "impact": "Processing a maliciously crafted font may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1790", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "FontParser", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-1803", "impact": "A local application may be able to enumerate the user's iCloud documents", "links": [ "https://support.apple.com/en-us/HT211931" ], "module": "Sandbox", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Lee of CompSec@SNU", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2021-31077", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212003", "https://support.apple.com/en-us/HT212005", "https://support.apple.com/en-us/HT212009" ], "module": "Wi-Fi", "rsr": "", "update": "March 16, 2023" } ] ================================================ FILE: 2020/README.md ================================================ # Apple CVE 2020 * data source: https://support.apple.com/en-us/HT201222 * [2020.json](2020.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2020-27930 | FontParser | | 2 | CVE-2020-27932 | Kernel | | 3 | CVE-2020-27950 | Kernel | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | Kernel | 43 | | 2 | ImageIO | 42 | | 3 | WebKit | 36 | | 4 | FontParser | 19 | | 5 | Bluetooth | 17 | | 6 | Model I/O | 14 | | 7 | Wi-Fi | 14 | | 8 | Audio | 13 | | 9 | Intel Graphics Driver | 11 | | 10 | Safari | 11 | | 11 | libxml2 | 10 | | 12 | Mail | 9 | | 13 | SQLite | 8 | | 14 | Sandbox | 8 | | 15 | CoreAudio | 7 | | 16 | Messages | 7 | | 17 | Security | 6 | | 18 | libxpc | 5 | | 19 | CoreBluetooth | 5 | | 20 | Crash Reporter | 4 | | 21 | AMD | 4 | | 22 | Image Processing | 4 | | 23 | FaceTime | 4 | | 24 | WebKit Page Loading | 4 | | 25 | WebRTC | 3 | | 26 | CoreText | 3 | | 27 | Graphics Drivers | 3 | | 28 | AppleMobileFileIntegrity | 3 | | 29 | PackageKit | 3 | | 30 | sudo | 2 | | 31 | Vim | 2 | | 32 | PCRE | 2 | | 33 | CUPS | 2 | | 34 | Power Management | 2 | | 35 | TCC | 2 | | 36 | System Preferences | 2 | | 37 | Quick Look | 2 | | 38 | Ruby | 2 | | 39 | Perl | 2 | | 40 | Git | 2 | | 41 | NSRemoteView | 2 | | 42 | Keyboard | 2 | | 43 | App Store | 2 | | 44 | IOAcceleratorFamily | 2 | | 45 | AppleGraphicsControl | 2 | | 46 | Login Window | 2 | | 47 | Phone | 2 | | 48 | IPSec | 2 | | 49 | Safari Login AutoFill | 2 | | 50 | CoreFoundation | 2 | | 51 | Icons | 2 | | 52 | Accounts | 2 | | 53 | Safari Downloads | 2 | | 54 | sysdiagnose | 2 | | 55 | Find My | 2 | | 56 | CoreGraphics | 2 | | 57 | Siri | 2 | | 58 | Disk Images | 2 | | 59 | rsync | 1 | | 60 | apache_mod_php | 1 | | 61 | ksh | 1 | | 62 | zsh | 1 | | 63 | IOUSBDeviceFamily | 1 | | 64 | Foundation | 1 | | 65 | smbx | 1 | | 66 | Xsan | 1 | | 67 | Logging | 1 | | 68 | OpenLDAP | 1 | | 69 | Screen Sharing | 1 | | 70 | Finder | 1 | | 71 | Windows Security | 1 | | 72 | Symptom Framework | 1 | | 73 | CallKit | 1 | | 74 | XNU | 1 | | 75 | Directory Utility | 1 | | 76 | Apple TV app | 1 | | 77 | CFNetwork Cache | 1 | | 78 | WebKit Storage | 1 | | 79 | wifivelocityd | 1 | | 80 | IOThunderboltFamily | 1 | | 81 | files | 1 | | 82 | Mobile Device Service | 1 | | 83 | crontab | 1 | | 84 | autofs | 1 | | 85 | Screenshots | 1 | | 86 | AnnotationKit | 1 | | 87 | Calendar | 1 | | 88 | Web App | 1 | | 89 | Time Machine | 1 | | 90 | Messages Composition | 1 | | 91 | iTunes | 1 | | 92 | Apple HSSPI Support | 1 | | 93 | Printing | 1 | | 94 | ActionKit | 1 | | 95 | IOHIDFamily | 1 | | 96 | Found in Apps | 1 | | 97 | Call History | 1 | | 98 | Mail Attachments | 1 | | 99 | USB Audio | 1 | | 100 | Python | 1 | | 101 | AppleUSBNetworking | 1 | | 102 | Software Update | 1 | | 103 | File System | 1 | | 104 | SIP | 1 | | 105 | AirDrop | 1 | | 106 | WindowServer | 1 | | 107 | DiskArbitration | 1 | | 108 | Notifications | 1 | | 109 | CVMS | 1 | | 110 | NSURL | 1 | | 111 | Windows Installer | 1 | | 112 | WebKit Web Inspector | 1 | | 113 | Core Bluetooth | 1 | | 114 | Clang | 1 | | 115 | WebDAV | 1 | | 116 | AVEVideoEncoder | 1 | | 117 | Safari Reader | 1 | | 118 | Heimdal | 1 | | 119 | iAP | 1 | | 120 | GeoServices | 1 | | 121 | CoreCapture | 1 | | 122 | AppleAVD | 1 | | 123 | IOSurfaceAccelerator | 1 | | 124 | HomeKit | 1 | | 125 | Assets | 1 | | 126 | Apple Music | 1 | | 127 | IDE Device Support | 1 | | 128 | Profile Manager | 1 | | 129 | NetworkExtension | 1 | ================================================ FILE: 2021/2021.json ================================================ [ { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "an anonymous researcher", "description": "This issue was addressed by updating expat to version 2.4.1.", "id": "CVE-2013-0340", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2016-0742", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2016-0746", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2016-0747", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2017-7529", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2018-16843", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2018-16844", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2018-16845", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2018-25010", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2018-25011", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2018-25014", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.3 and later" ], "credit": "", "description": "Multiple issues were addressed by updating nginx to version 1.21.0.", "id": "CVE-2019-20372", "impact": "Multiple issues in nginx", "links": [ "https://support.apple.com//en-us/103155" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "", "description": "Multiple issues were addressed by updating to version 8.44.", "id": "CVE-2019-20838", "impact": "Multiple issues in pcre", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Screen Sharing", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "", "description": "Multiple issues were addressed by updating to version 8.44.", "id": "CVE-2020-14155", "impact": "Multiple issues in pcre", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Screen Sharing", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7" ], "credit": "", "description": "Multiple issues were addressed with improved checks.", "id": "CVE-2020-15358", "impact": "Multiple issues in SQLite", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-25709", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7 and macOS Mojave 10.14.6" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "A logic issue existed resulting in memory corruption. This was addressed with improved state management.", "id": "CVE-2020-27904", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27937", "impact": "A malicious application may be able to access private information", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Directory Utility", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6, macOS Catalina 10.15.7" ], "credit": "Tim Michaud (@TimGMichaud) of Leviathan", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27938", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-27942", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7 and macOS Mojave 10.14.6" ], "credit": "Zhuo Liang of Qihoo 360 Vulcan Team", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2020-27945", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "CFNetwork Cache", "rsr": "", "update": "" }, { "available": [ "macOS Mojave 10.14.6" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2020-29608", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later via the Microsoft Store" ], "credit": "Ivan Fratric of Google Project Zero", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2020-29611", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212145" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7" ], "credit": "ZhiWei Sun (@5n1p3r0010) of Topsec Alpha Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-29614", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later via the Microsoft Store" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29617", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212145" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later via the Microsoft Store" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29618", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212145" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later via the Microsoft Store" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2020-29619", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212145" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Catalina" ], "credit": "Jordy Zomer of Certified Secure", "description": "A race condition was addressed with additional validation.", "id": "CVE-2020-29622", "impact": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com//en-us/103148" ], "module": "Kernel", "rsr": "", "update": "September 20, 2021" }, { "available": [ "macOS Catalina" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2020-29629", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212530" ], "module": "FontParser", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Jewel Lambert of Original Spin, LLC.", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2020-29633", "impact": "An attacker in a privileged network position may be able to bypass authentication policy", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36221", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36222", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36223", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36224", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36225", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36226", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36227", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36228", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36229", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-36230", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2020-36328", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2020-36329", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2020-36330", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "", "description": "Multiple issues were addressed by updating to version 1.2.0.", "id": "CVE-2020-36331", "impact": "Multiple issues in libwebp", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Measure", "rsr": "", "update": "" }, { "available": [ "macOS Catalina", "macOS Mojave" ], "credit": "Dayton Pidhirney (@_watbulb)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2020-3838", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "wifivelocityd", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Megan2013678", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2020-7463", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212318", "https://support.apple.com/en-us/HT212319", "https://support.apple.com/en-us/HT212321", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-8037", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "tcpdump", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Marian Rehak", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-8284", "impact": "A malicious server may be able to disclose active services", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "curl", "rsr": "", "update": "May 6, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "xnynx", "description": "A buffer overflow was addressed with improved input validation.", "id": "CVE-2020-8285", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-8286", "impact": "An attacker may provide a fraudulent OCSP response that would appear valid", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)" ], "credit": "Wojciech Regu\u0142a (@_r3ggi)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2020-9846", "impact": "A malicious application may be able to access local users' Apple IDs", "links": [ "https://support.apple.com//en-us/103236" ], "module": "Directory Utility", "rsr": "", "update": "March 31, 2022" }, { "available": [ "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1736", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1 and macOS Catalina 10.15.7" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1737", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1 and macOS Catalina 10.15.7" ], "credit": "Lei Sun", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1738", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2021-1739", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2021-1740", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1741", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1742", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro\u2019s Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1743", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1 and macOS Catalina 10.15.7" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1744", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1745", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Jeonghoon Shin(@singi21a) of THEORI, Mickey Jin & Qi Sun of Trend Micro working with Trend Micro\u2019s Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1746", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1747", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "CodeColorist working with Ant Security Light-Year Labs", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2021-1748", "impact": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "iTunes Store", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "@0xalsr", "description": "Multiple issues were addressed with improved logic.", "id": "CVE-2021-1750", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_) of SensorFu", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1751", "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "NetFSFramework", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mickey Jin of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1753", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1754", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2021-1756", "impact": "An attacker with physical access to a device may be able to see private contact information", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "Phone Keypad", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Alibaba Security, Proteas", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1757", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "IOSkywalkFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1 and macOS Catalina 10.15.7" ], "credit": "Peter Nguyen of STAR Labs", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1758", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Hou JingYi (@hjy79425575) of Qihoo 360 CERT", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1759", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212149" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "@S0rryMybad of 360 Vulcan Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-1760", "impact": "A malicious application could execute arbitrary code leading to compromise of user information", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6", "macOS Catalina 10.15.7" ], "credit": "Cees Elzinga", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1761", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Analytics", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Mickey Jin of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1762", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mickey Jin of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-1763", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "@m00nbsd", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-1764", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Eliya Stein of Confiant", "description": "This issue was addressed with improved iframe sandbox enforcement.", "id": "CVE-2021-1765", "impact": "Maliciously crafted web content may violate iframe sandboxing policy", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Danny Rosseau of Carve Systems", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1766", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1767", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1768", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "CodeColorist of Ant-Financial Light-Year Labs", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-1769", "impact": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Swift", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Jiska Classen (@naehrdine) of Secure Mobile Networking Lab, TU Darmstadt", "description": "A buffer overflow may result in arbitrary code execution.", "id": "CVE-2021-1770", "impact": "A logic issue was addressed with improved state management", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "Wi-Fi", "rsr": "", "update": "July 21, 2021" }, { "available": [ "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Shreyas Ranganatha (@strawsnoceans)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1771", "impact": "A user that is removed from an iMessage group could rejoin the group", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Mickey Jin (@patch1t) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "A stack overflow was addressed with improved input validation.", "id": "CVE-2021-1772", "impact": "Processing a maliciously crafted text file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "CoreText", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1773", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1774", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "macOS Mojave 10.14.6" ], "credit": "Mickey Jin and Qi Sun of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2021-1775", "impact": "Processing a maliciously crafted font may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "FontParser", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Ivan Fratric of Google Project Zero", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-1776", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "CoreGraphics", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1777", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking.", "id": "CVE-2021-1778", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.0.1" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic error in kext loading was addressed with improved state handling.", "id": "CVE-2021-1779", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jianjun Dai of 360 Alpha Lab", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2021-1780", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "Bluetooth", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.", "id": "CVE-2021-1781", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "Messages", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-1782", "impact": "A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An access issue was addressed with improved memory management.", "id": "CVE-2021-1783", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_) of SensorFu, Csaba Fitzl (@theevilbit) of Offensive Security, and an anonymous researcher", "description": "A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.", "id": "CVE-2021-1784", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1785", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1786", "impact": "A local user may be able to create or modify system files", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6" ], "credit": "James Hutchins", "description": "Multiple issues were addressed with improved logic.", "id": "CVE-2021-1787", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina and macOS Mojave" ], "credit": "Francisco Alonso (@revskills)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-1788", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149", "https://support.apple.com/en-us/HT212152" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina and macOS Mojave" ], "credit": "@S0rryMybad of 360 Vulcan Team", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-1789", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149", "https://support.apple.com/en-us/HT212152" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1790", "impact": "Processing a maliciously crafted font may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2021-1791", "impact": "A malicious application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "FairPlay", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Mickey Jin & Junzhi Lu of Trend Micro working with Trend Micro\u2019s Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1792", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "CoreText", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1793", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jianjun Dai of 360 Alpha Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1794", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "Bluetooth", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jianjun Dai of 360 Alpha Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1795", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "Bluetooth", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jianjun Dai of 360 Alpha Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1796", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "Bluetooth", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina", "macOS Mojave" ], "credit": "Thomas Tempelmann", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-1797", "impact": "A local user may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models) iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina and macOS Mojave" ], "credit": "Gregory Vishnepolsky & Ben Seri of Armis Security, and Samy Kamkar", "description": "A port redirection issue was addressed with additional port validation.", "id": "CVE-2021-1799", "impact": "A malicious website may be able to access restricted ports on arbitrary servers", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149", "https://support.apple.com/en-us/HT212152" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.4 and later" ], "credit": "Theodore Dubois (@tblodt)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2021-1800", "impact": "A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode", "links": [ "https://support.apple.com/en-us/HT212153" ], "module": "Xcode IDE", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "Eliya Stein of Confiant", "description": "This issue was addressed with improved iframe sandbox enforcement.", "id": "CVE-2021-1801", "impact": "Maliciously crafted web content may violate iframe sandboxing policy", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Catalina 10.15.7" ], "credit": "Zhongcheng Li (@CK01) of WPS Security Response Center", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1802", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212147" ], "module": "Endpoint Security", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.2, macOS Catalina 10.15.7", "macOS Mojave" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-1805", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212177", "https://support.apple.com/en-us/HT212327" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.2, macOS Catalina 10.15.7", "macOS Mojave" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "A race condition was addressed with additional validation.", "id": "CVE-2021-1806", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212177", "https://support.apple.com/en-us/HT212327" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "David Sch\u00fctz (@xdavidhu)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2021-1807", "impact": "A local user may be able to write arbitrary files", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212324" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1808", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1809", "impact": "A malicious application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Rasmus Sten (@pajp) of F-Secure", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1810", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Archive Utility", "rsr": "", "update": "April 27, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1811", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212319", "https://support.apple.com/en-us/HT212321", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Siddharth Aeri (@b1n4r1b01)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-1812", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Core Motion", "rsr": "", "update": "May 28, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Cees Elzinga", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2021-1813", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "macOS Big Sur" ], "credit": "Ye Zhang of Baidu Security, Mickey Jin & Qi Sun of Trend Micro, and Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1814", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2021-1815", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Tielei Wang of Pangu Lab", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-1816", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "zhunki", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-1817", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "WebKit", "rsr": "", "update": "May 6, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina 10.15.7, macOS Big Sur 11.0.1" ], "credit": "Xingwei Lin of Ant-Financial Light-Year Security Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1818", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147", "https://support.apple.com/en-us/HT212148", "https://support.apple.com/en-us/HT212149" ], "module": "ImageIO", "rsr": "", "update": "March 16, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Andr\u00e9 Bargull", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2021-1820", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "WebKit", "rsr": "", "update": "May 6, 2021" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Georgi Valkov (httpstorm.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1821", "impact": "Visiting a maliciously crafted webpage may lead to a system denial of service", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212605" ], "module": "Networking", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Bruno Virlet of The Grizzly Labs", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-1822", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324" ], "module": "MobileInstallation", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2021-1824", "impact": "A malicious application with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Alex Camboe of Aon\u2019s Cyber Solutions", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2021-1825", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212318", "https://support.apple.com/en-us/HT212319", "https://support.apple.com/en-us/HT212321", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-1826", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1828", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Tielei Wang of Pangu Lab", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-1829", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Tielei Wang of Pangu Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1830", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Bouke van der Bijl", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-1831", "impact": "An application may allow shortcuts to access restricted files", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-1832", "impact": "Copied files may not have the expected file permissions", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Cees Elzinga", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1833", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "MobileAccessoryUpdater", "rsr": "", "update": "May 28, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "ABC Research s.r.o. working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-1834", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "videosdebarraquito", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1835", "impact": "A person with physical access to an iOS device may be able to access notes from the lock screen", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-1836", "impact": "A local user may be able to create or modify privileged files", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Aapo Oksman of Nixu Cybersecurity", "description": "A certificate validation issue was addressed.", "id": "CVE-2021-1837", "impact": "An attacker in a privileged network position may be able to alter network traffic", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mickey Jin & Qi Sun of Trend Micro working with Trend Micro's Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1838", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212146" ], "module": "ImageIO", "rsr": "", "update": "February 1, 2021, updated May 28, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-1839", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Time Machine", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1840", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Jack Dates of RET2 Systems, Inc.", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-1841", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Ye Zhang of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1843", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Cl\u00e9ment Lecigne of Google\u2019s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1844", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212220", "https://support.apple.com/en-us/HT212221", "https://support.apple.com/en-us/HT212222", "https://support.apple.com/en-us/HT212223", "https://support.apple.com/en-us/HT212323" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1846", "impact": "Processing a maliciously crafted audio file may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Xuwei Liu of Purdue University", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1847", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Bradley D\u2019Amato of ActionIQ", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2021-1848", "impact": "A local user may be able to view sensitive information in the app switcher", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Wallet", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Siguza", "description": "An issue in code signature validation was addressed with improved checks.", "id": "CVE-2021-1849", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "@0xalsr", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1851", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1852", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1853", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Steven Thorne of Cspire", "description": "A call termination issue with was addressed with improved logic.", "id": "CVE-2021-1854", "impact": "A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops.", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "H\u00e5vard Mikkelsen Ottestad of HASMAC AS", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1855", "impact": "A malicious website may be able to force unnecessary network connections to fetch its favicon", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2021-1857", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212319", "https://support.apple.com/en-us/HT212321", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin of Trend Micro", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-1858", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Syed Ali Shuja (@SyedAliShuja) of Colour King Pvt. Ltd", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1859", "impact": "Locked Notes content may have been unexpectedly unlocked", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "@0xalsr", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2021-1860", "impact": "A malicious application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Konstantinos Solomos of University of Illinois at Chicago", "description": "An issue existed in determining cache occupancy. The issue was addressed through improved logic.", "id": "CVE-2021-1861", "impact": "A malicious website may be able to track users by setting state in a cache", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Anshraj Srivastava (@AnshrajSrivas14) of UKEF", "description": "A person with physical access may be able to access contacts.", "id": "CVE-2021-1862", "impact": "An issue with Siri search access to information was addressed with improved logic", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Siri", "rsr": "", "update": "May 6, 2021, updated July 21, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "REFHAN OZGORUR", "description": "An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication.", "id": "CVE-2021-1863", "impact": "A person with physical access to an iOS device may be able to place phone calls to any phone number", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Quick Response", "rsr": "", "update": "May 28, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "CodeColorist of Ant-Financial LightYear Labs", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-1864", "impact": "An attacker with JavaScript execution may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Shibin B Shaji of UST", "description": "An issue obscuring passwords in screenshots was addressed with improved logic.", "id": "CVE-2021-1865", "impact": "A user's password may be visible onscreen", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Password Manager", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, and iPad Air (3rd generation) and later", "macOS Big Sur" ], "credit": "Zuozhi Fan (@pattern_F_) and Wish Wu(\u5434\u6f4d\u6d60) of Ant Group Tianqiong Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1867", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212325" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Tim Michaud of Zoom Communications", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1868", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "SampleAnalysis", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-1870", "impact": "A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-1871", "impact": "A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Siraj Zaneer of Facebook", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1872", "impact": "Muting a CallKit call while ringing may not result in mute being enabled", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "An API issue in Accessibility TCC permissions was addressed with improved state management.", "id": "CVE-2021-1873", "impact": "A malicious application may be able to unexpectedly leak a user's credentials from secure text fields", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-1874", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Found by OSS-Fuzz", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2021-1875", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Matthew Denton of Google Chrome", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-1876", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "NSRemoteView", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1877", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos (talosintelligence.com)", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2021-1878", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Clement Lecigne of Google Threat Analysis Group and Billy Leonard of Google Threat Analysis Group", "description": "This issue was addressed by improved management of object lifetimes.", "id": "CVE-2021-1879", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212256", "https://support.apple.com/en-us/HT212257", "https://support.apple.com/en-us/HT212258" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "macOS Big Sur" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1880", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-1881", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2021-1882", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-1883", "impact": "Processing maliciously crafted server messages may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-1884", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "CFF of Topsec Alpha Team", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-1885", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11 and later" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-21300", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212320" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Marcin Towalski of Cisco Talos", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-21779", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Red Hat Product Security", "description": "A buffer overflow was addressed with improved input validation.", "id": "CVE-2021-22925", "impact": "curl could potentially reveal sensitive internal information to the server using a clear-text network protocol", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "curl", "rsr": "", "update": "September 20, 2021, updated May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Tavis Ormandy of Google", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2021-23841", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212534" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "James Hutchins", "description": "A race condition was addressed with additional validation.", "id": "CVE-2021-30652", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326", "https://support.apple.com/en-us/HT212327" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Ye Zhang of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30653", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2021-30654", "impact": "A local attacker may be able to read sensitive information", "links": [ "https://support.apple.com/en-us/HT212299" ], "module": "GarageBand", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications and Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30655", "impact": "An application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Justin Sherman of University of Maryland, Baltimore County", "description": "An access issue was addressed with improved memory management.", "id": "CVE-2021-30656", "impact": "A malicious application may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Cedric Owens (@cedowens)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30657", "impact": "A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212326" ], "module": "System Preferences", "rsr": "", "update": "April 27, 2021, updated April 30, 2021" }, { "available": [ "macOS Big Sur" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved handling of file metadata.", "id": "CVE-2021-30658", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Thijs Alkemade of Computest", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2021-30659", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "CoreFoundation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Alex Plaskett", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30660", "impact": "A malicious application may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30661", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212318", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212341" ], "module": "WebKit Storage", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30662", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "ImageIO", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2021-30663", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212335", "https://support.apple.com/en-us/HT212336", "https://support.apple.com/en-us/HT212340", "https://support.apple.com/en-us/HT212341", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30664", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "CoreAudio", "rsr": "", "update": "May 6, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30665", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212335", "https://support.apple.com/en-us/HT212336", "https://support.apple.com/en-us/HT212339", "https://support.apple.com/en-us/HT212340", "https://support.apple.com/en-us/HT212341", "https://support.apple.com/en-us/HT212532" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)" ], "credit": "yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30666", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212341" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Raul Siles of DinoSec (@dinosec)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30667", "impact": "An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Syrus Kimiagar and Danilo Paffi Monteiro", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30668", "impact": "A person with physical access to a Mac may be able to bypass Login Window during a software update", "links": [ "https://support.apple.com/en-us/HT212529" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Yair Hoffman", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30669", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Ryan Bell (@iRyanBell)", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2021-30671", "impact": "A malicious application may be able to send unauthorized Apple events to Finder", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "say2 of ENKI", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30672", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212603" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Josh Parnham (@joshparnham)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-30673", "impact": "A malicious application may be able to access a user's call history", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Siddharth Aeri (@b1n4r1b01)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30674", "impact": "A malicious application may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Pro (Late 2013 and later), MacBook Pro (Late 2013 and later), MacBook Air (Mid 2013 and later), Mac mini (Mid 2014 and later), iMac (Mid 2014 and later), MacBook (Early 2015 and later), iMac Pro (Late 2017)" ], "credit": "MJ0011 of Kunlun Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30675", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT212517" ], "module": "Boot Camp", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "shrek_wzw", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30676", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Ron Waisberg (@epsilan)", "description": "This issue was addressed with improved environment sanitization.", "id": "CVE-2021-30677", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "LaunchServices", "rsr": "", "update": "October 25, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Yu Wang of Didi Research America", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30678", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2021-30679", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "NSOpenPanel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30680", "impact": "A local user may be able to load unsigned kernel extensions", "links": [ "https://support.apple.com/en-us/HT212529" ], "module": "Kext Management", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zhongcheng Li (CK01)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2021-30681", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212533" ], "module": "Core Services", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Prakash (@1lastBr3ath)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30682", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "July 21, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30683", "impact": "A malicious application could execute arbitrary code leading to compromise of user information", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Liu Long of Ant Security Light-Year Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30684", "impact": "A remote attacker may cause an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30685", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin of Trend Micro working with Trend Micro Zero Day Initiative", "description": "Processing a maliciously crafted audio file may disclose restricted memory.", "id": "CVE-2021-30686", "impact": "An out-of-bounds read was addressed with improved bounds checking", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "CoreAudio", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Hou JingYi (@hjy79425575) of Qihoo 360", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30687", "impact": "Processing a maliciously crafted image may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Thijs Alkemade of Computest Research Division", "description": "A malicious application may be able to break out of its sandbox.", "id": "CVE-2021-30688", "impact": "A path handling issue was addressed with improved validation", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530" ], "module": "App Store", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30689", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Mojave" ], "credit": "an anonymous researcher", "description": "Multiple issues in apache were addressed by updating apache to version 2.4.46.", "id": "CVE-2021-30690", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT212531" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2021-30691", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2021-30692", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2021-30693", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2021-30694", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30695", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Fabian Ising and Damian Poddebniak of M\u00fcnster University of Applied Sciences", "description": "An attacker in a privileged network position may be able to misrepresent application state.", "id": "CVE-2021-30696", "impact": "A logic issue was addressed with improved state management", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Mail", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30697", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Tavis Ormandy of Google", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2021-30698", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212534" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "videosdebarraquito", "description": "A window management issue was addressed with improved state management.", "id": "CVE-2021-30699", "impact": "A user may be able to view restricted content from the lockscreen", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Ye Zhang(@co0py_Cat) of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30700", "impact": "Processing a maliciously crafted image may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30701", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Jewel Lambert of Original Spin, LLC.", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30702", "impact": "A person with physical access to a Mac may be able to bypass Login Window", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2021-30703", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212603" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30704", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Ye Zhang of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30705", "impact": "Processing a maliciously crafted ASTC file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative", "description": "Processing a maliciously crafted image may lead to disclosure of user information.", "id": "CVE-2021-30706", "impact": "This issue was addressed with improved checks", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "ImageIO", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "hjy79425575 working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30707", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30708", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30709", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Gabe Kirkpatrick (@gabe_k)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30710", "impact": "A malicious application may cause a denial of service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Heimdal", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30712", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-30713", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com//en-us/103148", "https://support.apple.com/en-us/HT212529" ], "module": "TCC", "rsr": "", "update": "September 20, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "@08Tc3wBB of ZecOps, and George Nosenko", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30714", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "The UK's National Cyber Security Centre (NCSC)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30715", "impact": "Processing a maliciously crafted message may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30716", "impact": "An attacker in a privileged network position may be able to perform denial of service", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30717", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "SiQian Wei of ByteDance Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30718", "impact": "A non-privileged user may be able to modify restricted settings", "links": [ "https://support.apple.com/en-us/HT212529" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "an anonymous researcher working with Trend Micro Zero Day Initiative", "description": "A local user may be able to cause unexpected system termination or read kernel memory.", "id": "CVE-2021-30719", "impact": "An out-of-bounds read issue was addressed by removing the vulnerable code", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530" ], "module": "Intel Graphics Driver", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "David Sch\u00fctz (@xdavidhu)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30720", "impact": "A malicious website may be able to access restricted ports on arbitrary servers", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2021-30721", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2021-30722", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2021-30723", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30724", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "CVMS", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30725", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Yinyi Wu(@3ndy1) of Qihoo 360 Vulcan Team", "description": "A malicious application may be able to execute arbitrary code with kernel privileges.", "id": "CVE-2021-30726", "impact": "An out-of-bounds write issue was addressed with improved bounds checking", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Intel Graphics Driver", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Cees Elzinga", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30727", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Liu Long of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30728", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "CHRISTIAN MINA", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30729", "impact": "A device may accept invalid activation results", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "CommCenter", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "UTM (@UTMapp)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30731", "impact": "An unprivileged application may be able to capture USB devices", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212600" ], "module": "IOUSBHostFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Sunglin from the Knownsec 404", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30733", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212603" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2021-30734", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative", "description": "A malicious application may be able to execute arbitrary code with kernel privileges.", "id": "CVE-2021-30735", "impact": "An out-of-bounds write issue was addressed with improved bounds checking", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Graphics Drivers", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Ian Beer of Google Project Zero", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2021-30736", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "xerub", "description": "A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.", "id": "CVE-2021-30737", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212548" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Mojave" ], "credit": "Qingyang Chen of Topsec Alpha Team, Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A malicious application may be able to overwrite arbitrary files.", "id": "CVE-2021-30738", "impact": "An issue with path validation logic for hardlinks was addressed with improved path sanitization", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212531" ], "module": "PackageKit", "rsr": "", "update": "July 21, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab", "description": "A local attacker may be able to elevate their privileges.", "id": "CVE-2021-30739", "impact": "A memory corruption issue was addressed with improved validation", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Kernel", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Linus Henze (pinauten.de)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30740", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "SYMaster of ZecOps Mobile EDR Team", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30741", "impact": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mickey Jin of Trend Micro working with Trend Micro Zero Day Initiative", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2021-30742", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "Audio", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "CFF of Topsec Alpha Team, an anonymous researcher, and Jeonghoon Shin(@singi21a) of THEORI working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30743", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212530" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Dan Hite of jsontop", "description": "A cross-origin issue with iframe elements was addressed with improved tracking of security origins.", "id": "CVE-2021-30744", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30746", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "George Nosenko", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30748", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2021-30749", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533", "https://support.apple.com/en-us/HT212534" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30750", "impact": "A malicious application may be able to access the user's recent contacts", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "Sandbox", "rsr": "", "update": "May 28, 2021" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved data protection.", "id": "CVE-2021-30751", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212529" ], "module": "Sandbox", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "Processing a maliciously crafted image may lead to arbitrary code execution.", "id": "CVE-2021-30752", "impact": "An out-of-bounds read was addressed with improved input validation", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324", "https://support.apple.com/en-us/HT212325" ], "module": "Compression", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "Processing a maliciously crafted font may result in the disclosure of process memory.", "id": "CVE-2021-30753", "impact": "An out-of-bounds read was addressed with improved input validation", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "CoreText", "rsr": "", "update": "July 21, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "Processing a maliciously crafted font may result in the disclosure of process memory", "id": "CVE-2021-30755", "impact": "An out-of-bounds read was addressed with improved input validation", "links": [ "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "FontParser", "rsr": "", "update": "July 21, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Ricky D'Amelio, Jatayu Holznagel (@jholznagel)", "description": "A local attacker may be able to view Now Playing information from the lock screen.", "id": "CVE-2021-30756", "impact": "A privacy issue in Now Playing was addressed with improved permissions", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529" ], "module": "MediaRemote", "rsr": "", "update": "July 21, 2021" }, { "available": [ "macOS Catalina 10.15.6 and later" ], "credit": "Wojciech Regu\u0142a (@_r3ggi), Gerg\u0151 Pap of Quadron Cybersecurity Services, Csaba Fitzl (@theevilbit), Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2021-30757", "impact": "Entitlements and privacy permissions granted to this app may be used by a malicious app", "links": [ "https://support.apple.com/en-us/HT212549" ], "module": "iMovie", "rsr": "", "update": "December 17, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Christoph Guttandin of Media Codings", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-30758", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605", "https://support.apple.com/en-us/HT212606" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "hjy79425575 working with Trend Micro Zero Day Initiative", "description": "A stack overflow was addressed with improved input validation.", "id": "CVE-2021-30759", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Sunglin of Knownsec 404 team", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2021-30760", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30761", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212548" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30762", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212548" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zachary Keffaber (@QuickUpdate5)", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2021-30763", "impact": "A shortcut may be able to bypass Internet permission requirements", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212605" ], "module": "ActionKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30764", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324" ], "module": "ImageIO", "rsr": "", "update": "July 21, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Yinyi Wu (@3ndy1) of Qihoo 360 Vulcan Team, Liu Long of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30765", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Intel Graphics Driver", "rsr": "", "update": "November 18, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Liu Long of Ant Security Light-Year Lab", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30766", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Intel Graphics Driver", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "@gorelics", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30767", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Linus Henze (pinauten.de)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30768", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Linus Henze (pinauten.de)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30769", "impact": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Linus Henze (pinauten.de)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30770", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30771", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212528", "https://support.apple.com/en-us/HT212529", "https://support.apple.com/en-us/HT212532", "https://support.apple.com/en-us/HT212533" ], "module": "FontParser", "rsr": "", "update": "January 19, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zhongcheng Li (CK01)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30772", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Linus Henze (pinauten.de)", "description": "An issue in code signature validation was addressed with improved checks.", "id": "CVE-2021-30773", "impact": "A malicious application may be able to bypass code signing checks", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Identity Service", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Yizhuo Wang of Group of Software Security In Progress (G.O.S.S.I.P) at Shanghai Jiao Tong University", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30774", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30775", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30776", "impact": "Playing a malicious audio file may lead to an unexpected application termination", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2021-30777", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "CoreStorage", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2021-30778", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212602" ], "module": "Kext Management", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Jzhu, Ye Zhang(@co0py_Cat) of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30779", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605", "https://support.apple.com/en-us/HT212607", "https://support.apple.com/en-us/HT212609" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Tim Michaud(@TimGMichaud) of Zoom Video Communications", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30780", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "CVMS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "tr3e", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30781", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30782", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher, Ron Hass (@ronhass7) of Perception Point", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-30783", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com//en-us/103148", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "CoreServices", "rsr": "", "update": "September 20, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "George Nosenko", "description": "Multiple issues were addressed with improved logic.", "id": "CVE-2021-30784", "impact": "A local attacker may be able to execute code on the Apple T2 Security Chip", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "CFF of Topsec Alpha Team, Mickey Jin (@patch1t) of Trend Micro", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-30785", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605", "https://support.apple.com/en-us/HT212607", "https://support.apple.com/en-us/HT212609" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "ryuzaki", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30786", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30787", "impact": "An application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "tr3e working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30788", "impact": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro, Sunglin of Knownsec 404 team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30789", "impact": "Processing a maliciously crafted font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "hjy79425575 working with Trend Micro Zero Day Initiative", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2021-30790", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30791", "impact": "Processing a maliciously crafted file may disclose user information", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30792", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30793", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30795", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605", "https://support.apple.com/en-us/HT212606" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30796", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "Ivan Fratric of Google Project Zero", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30797", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605", "https://support.apple.com/en-us/HT212606" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Mickey Jin (@patch1t) of Trend Micro working with Trend Micro Zero Day Initiative", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30798", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212605" ], "module": "TCC", "rsr": "", "update": "November 18, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2021-30799", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "vm_call and Nozhdar Abdulkhaleq Shukri", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30800", "impact": "Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Matthew Denton of Google Chrome Security", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30802", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212604" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Matt Shockley (twitter.com/mattshockl), Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-30803", "impact": "A malicious application may be able to access a user\u2019s recent Contacts", "links": [ "https://support.apple.com/en-us/HT212602" ], "module": "Identity Services", "rsr": "", "update": "November 18, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security, Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-30804", "impact": "A malicious application may be able to access Find My data", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602" ], "module": "Find My", "rsr": "", "update": "December 22, 2022, updated May 2, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "ABC Research s.r.o", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2021-30805", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212603" ], "module": "AMD Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30807", "impact": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT212622", "https://support.apple.com/en-us/HT212623", "https://support.apple.com/en-us/HT212713" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30808", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "Sandbox", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30809", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Peter Scott", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2021-30810", "impact": "An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235" ], "module": "Wi-Fi", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "an anonymous researcher working with Compartir", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30811", "impact": "A local attacker may be able to read sensitive information", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212600", "https://support.apple.com/en-us/HT212603" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Benjamin Berger of BBetterTech LLC, Peter Goedtkindt of Informatique-MTF S.A., an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2021-30813", "impact": "A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103236" ], "module": "Login Window", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "hjy79425575", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2021-30814", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Anshraj Srivastava (@AnshrajSrivas14) of UKEF", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2021-30815", "impact": "A local attacker may be able to view contacts from the lock screen", "links": [ "https://support.apple.com//en-us/103235" ], "module": "Siri", "rsr": "", "update": "January 19, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Atharv (@atharv0x0)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30816", "impact": "An attacker with physical access to a device may be able to see private contact information", "links": [ "https://support.apple.com//en-us/103235" ], "module": "FaceTime", "rsr": "", "update": "October 25, 2021" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-30817", "impact": "A malicious application may be able to access data about the accounts the user is using Family Sharing with", "links": [ "https://support.apple.com/en-us/HT212602" ], "module": "Family Sharing", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Amar Menezes (@amarekano) of Zon8Research", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-30818", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Mojave" ], "credit": "Apple", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30819", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212530", "https://support.apple.com/en-us/HT212531" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jianjun Dai of Qihoo 360 Alpha Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30820", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212807" ], "module": "Bluetooth", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Tim Michaud (@TimGMichaud) of Zoom Video Communications", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30821", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "David Gullasch of Recurity Labs", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30823", "impact": "An attacker in a privileged network position may be able to bypass HSTS", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Antonio Zekic (@antoniozekic) of Diverto", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30824", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "hjy79425575 working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30825", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/103235" ], "module": "CoreML", "rsr": "", "update": "" }, { "available": [ "iPhone SE (1st generation), iPad Pro 12.9-inch, iPad Air 2, iPad (5th generation), and iPad mini 4" ], "credit": "CheolJun Park, Sangwook Bae and BeomSeok Oh of KAIST SysSec Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30826", "impact": "In certain situations, the baseband would fail to enable integrity and ciphering protection", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Nathan Nye of WhiteBeam Security, Inc.", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2021-30827", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "CUPS", "rsr": "", "update": "September 20, 2021, updated May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Nathan Nye of WhiteBeam Security, Inc.", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30828", "impact": "A local user may be able to read arbitrary files as root", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "CUPS", "rsr": "", "update": "September 20, 2021, updated May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Nathan Nye of WhiteBeam Security, Inc.", "description": "A URI parsing issue was addressed with improved parsing.", "id": "CVE-2021-30829", "impact": "A local user may be able to execute arbitrary files", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "CUPS", "rsr": "", "update": "September 20, 2021, updated May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Zweig of Kunlun Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30830", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "Kernel", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30831", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "FontParser", "rsr": "", "update": "November 18, 2021" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30832", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "CVMS", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Richard Warren of NCC Group", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30833", "impact": "Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "xar", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30834", "impact": "Processing a malicious audio file may result in unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Ye Zhang of Baidu Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30835", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30836", "impact": "Processing a maliciously crafted audio file may disclose restricted memory", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Siddharth Aeri (@b1n4r1b01)", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2021-30837", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235" ], "module": "Accessory Manager", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Big Sur" ], "credit": "proteas wang", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30838", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "Apple Neural Engine", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30840", "impact": "Processing a maliciously crafted dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "FontParser", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30841", "impact": "Processing a maliciously crafted dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30842", "impact": "Processing a maliciously crafted dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Xingwei Lin of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30843", "impact": "Processing a maliciously crafted dfont file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30844", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164" ], "module": "SMB", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30845", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com//en-us/103147" ], "module": "SMB", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30846", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mike Zhang of Pangu Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30847", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30848", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2021-30849", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "macOS Big Sur", "macOS Catalina" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-30850", "impact": "A user may gain access to protected parts of the file system", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Samuel Gro\u00df of Google Project Zero", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2021-30851", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2021-30852", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com/en-us/HT212807" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur" ], "credit": "Gordon Long (@ethicalhax) of Box, Inc.", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30853", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com//en-us/103147" ], "module": "Gatekeeper", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30854", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2021-30855", "impact": "An application may be able to access restricted files", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "Preferences", "rsr": "", "update": "January 19, 2022" }, { "available": [ "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security, Andy Grant of Zoom Video Communications, Thijs Alkemade of Computest Research Division, Wojciech Regu\u0142a of SecuRing (wojciechregula.blog), Cody Thomas of SpecterOps, Mickey Jin of Trend Micro", "description": "This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions.", "id": "CVE-2021-30856", "impact": "A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212325" ], "module": "TCC", "rsr": "", "update": "January 19, 2022, updated May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Manish Bhatt of Red Team X @Meta, Zweig of Kunlun Lab", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-30857", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "Kernel", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina and macOS Mojave" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30858", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103151", "https://support.apple.com//en-us/103157", "https://support.apple.com/en-us/HT212807" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Apple", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-30859", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com/en-us/HT212807" ], "module": "Kernel", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "The Citizen Lab", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2021-30860", "impact": "Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103157", "https://support.apple.com/en-us/HT212806", "https://support.apple.com/en-us/HT212807" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur and macOS Catalina" ], "credit": "Wojciech Regu\u0142a (@_r3ggi), Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30861", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iOS 12.4 and later or iPadOS 12.4 and later" ], "credit": "Giyas Umarov (@3h6_1) of Holmdel High School", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2021-30862", "impact": "Processing a maliciously crafted URL may lead to arbitrary javascript code execution", "links": [ "https://support.apple.com//en-us/103152" ], "module": "iTunes U", "rsr": "", "update": "" }, { "available": [ "iPhone X, iPhone XR, iPhone XS (all models), iPhone 11 (all models), iPhone 12 (all models), iPad Pro (11-inch), and iPad Pro (3rd generation)" ], "credit": "Wish Wu (\u5434\u6f4d\u6d60 @wish_wu) of Ant Group Tianqiong Security Lab", "description": "This issue was addressed by improving Face ID anti-spoofing models.", "id": "CVE-2021-30863", "impact": "A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID", "links": [ "https://support.apple.com//en-us/103235" ], "module": "Face ID", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Ron Hass (@ronhass7) of Perception Point", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30864", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103236", "https://support.apple.com/en-us/HT212807" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Zweig of Kunlun Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30865", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148" ], "module": "Kernel", "rsr": "", "update": "September 20, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Fabien Duch\u00eane of UCLouvain (Belgium)", "description": "A user privacy issue was addressed by removing the broadcast MAC address.", "id": "CVE-2021-30866", "impact": "A device may be passively tracked by its WiFi MAC address", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "bootp", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved authentication.", "id": "CVE-2021-30867", "impact": "A malicious application may be able to access photo metadata without needing permission to access photos", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "iCloud Photo Library", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Peter Nguyen Vu Hoang of STAR Labs", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-30868", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur 11.0.1", "macOS Catalina" ], "credit": "Erye Hernandez of Google Threat Analysis Group, Cl\u00e9ment Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2021-30869", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.", "links": [ "https://support.apple.com//en-us/103157", "https://support.apple.com//en-us/103158", "https://support.apple.com/en-us/HT212146", "https://support.apple.com/en-us/HT212147" ], "module": "XNU", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Saif Hamed Al Hinai Oman CERT", "description": "A logic issue existed in the handling of document loads. This issue was addressed with improved state management.", "id": "CVE-2021-30870", "impact": "Previewing an html file attached to a note may unexpectedly contact remote servers", "links": [ "https://support.apple.com//en-us/103235" ], "module": "Quick Look", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30871", "impact": "A local attacker may be able to access analytics data", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "Analytics", "rsr": "", "update": "October 25, 2021, updated May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Catalina" ], "credit": "Thijs Alkemade of Computest", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30873", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103236" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Javier Vieira Boccardo (linkedin.com/javier-vieira-boccardo)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2021-30874", "impact": "A VPN configuration may be installed by an app without user permission", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "NetworkExtension", "rsr": "", "update": "November 18, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology", "description": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.", "id": "CVE-2021-30875", "impact": "A local attacker may be able to view contacts from the lock screen", "links": [ "https://support.apple.com//en-us/103161" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jeremy Brown, hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30876", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jeremy Brown", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30877", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jeremy Brown, hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30879", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jeremy Brown", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30880", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360", "description": "An input validation issue was addressed with improved memory handling.", "id": "CVE-2021-30881", "impact": "Unpacking a maliciously crafted archive may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Adam Bellard and Spencer Reitman of Airtime", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30882", "impact": "An application with microphone permission may unexpectedly access microphone input during a FaceTime call", "links": [ "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235" ], "module": "FaceTime", "rsr": "", "update": "October 25, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30883", "impact": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com//en-us/103159", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "The issue was resolved with additional restrictions on CSS compositing.", "id": "CVE-2021-30884", "impact": "Visiting a maliciously crafted website may reveal a user's browsing history", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "@0xalsr", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30886", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd.", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30887", "impact": "Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103166", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Prakash (@1lastBr3ath)", "description": "An information leakage issue was addressed.", "id": "CVE-2021-30888", "impact": "A malicious website using Content Security Policy reports may be able to leak information via redirect behavior", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103166", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30889", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103166", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30890", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103166", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jonathan Bar Or of Microsoft", "description": "An inherited permissions issue was addressed with additional restrictions.", "id": "CVE-2021-30892", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "zsh", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2021-30894", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103167" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30895", "impact": "A malicious application may be able to access information about a user's contacts", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103159", "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Game Center", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Denis Tokarev", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30896", "impact": "A malicious application may be able to read user's gameplay data", "links": [ "https://support.apple.com//en-us/103159", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented.", "id": "CVE-2021-30897", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "November 18, 2021" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Steven Troughton-Smith of High Caffeine Content (@stroughtonsmith)", "description": "An access issue was addressed with additional sandbox restrictions on third party applications.", "id": "CVE-2021-30898", "impact": "A malicious application may be able to access some of the user's Apple ID information, or recent in-app search terms", "links": [ "https://support.apple.com//en-us/103235" ], "module": "Privacy", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30899", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30900", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103164" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab, Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab, Jack Dates of RET2 Systems, Inc.", "description": "Multiple out-of-bounds write issues were addressed with improved bounds checking.", "id": "CVE-2021-30901", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "08Tc3wBB of ZecOps Mobile EDR Team", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30902", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Gongyu Ma of Hangzhou Dianzi University", "description": "An uncontrolled format string issue was addressed with improved input validation.", "id": "CVE-2021-30903", "impact": "A local attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Continuity Camera", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)" ], "credit": "Reed Meseck of IBM", "description": "A sync issue was addressed with improved state validation.", "id": "CVE-2021-30904", "impact": "A user's messages may continue to sync after the user has signed out of iMessage", "links": [ "https://support.apple.com//en-us/103236" ], "module": "Messages", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30905", "impact": "Processing a maliciously crafted file may disclose user information", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236", "https://support.apple.com/en-us/HT212807" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Cees Elzinga", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30906", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zweig of Kunlun Lab", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2021-30907", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "ASentientBot", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2021-30908", "impact": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen", "links": [ "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Windows Server", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zweig of Kunlun Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30909", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30910", "impact": "Processing a maliciously crafted file may disclose user information", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Rui Yang and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30911", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30912", "impact": "A malicious application may gain access to a user's Keychain items", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30913", "impact": "An unprivileged application may be able to edit NVRAM variables", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "SoftwareUpdate", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2021-30914", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Kostas Angelopoulos", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30915", "impact": "A person with physical access to a device may be determine characteristics of a user's password in a secure text entry field", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Zweig of Kunlun Lab", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2021-30916", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero", "description": "A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.", "id": "CVE-2021-30917", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "videosdebarraquito", "description": "A Lock Screen issue was addressed with improved state management.", "id": "CVE-2021-30918", "impact": "A user may be able to view restricted content from the Lock Screen", "links": [ "https://support.apple.com//en-us/103160", "https://support.apple.com//en-us/103162" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2021-30919", "impact": "Processing a maliciously crafted PDF may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-30920", "impact": "A local attacker may be able to read sensitive information", "links": [ "https://support.apple.com//en-us/103236" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Maximilian Blochberger of the Security in Distributed Systems Group of University of Hamburg", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30921", "impact": "A user's password may be visible onscreen", "links": [ "https://support.apple.com/en-us/HT212317" ], "module": "UIKit", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Jack Dates of RET2 Systems, Inc., Yinyi Wu (@3ndy1)", "description": "Multiple out-of-bounds write issues were addressed with improved bounds checking.", "id": "CVE-2021-30922", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164", "https://support.apple.com//en-us/103236" ], "module": "Intel Graphics Driver", "rsr": "", "update": "March 31, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Pan ZhenPeng (@Peterpan0927) of Alibaba Security", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-30923", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103236" ], "module": "File System", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Elaman Iskakov (@darling_x0r) of Effective and Alexey Katkov (@watman27)", "description": "A denial of service issue was addressed with improved state handling.", "id": "CVE-2021-30924", "impact": "A remote attacker can cause a device to unexpectedly restart", "links": [ "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103236" ], "module": "Kernel", "rsr": "", "update": "November 18, 2021" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30925", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103235" ], "module": "Sandbox", "rsr": "", "update": "January 19, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jeremy Brown", "description": "A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.", "id": "CVE-2021-30926", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103162", "https://support.apple.com//en-us/103163", "https://support.apple.com//en-us/103164" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30927", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2021-30928", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103153", "https://support.apple.com//en-us/103154", "https://support.apple.com//en-us/103156", "https://support.apple.com//en-us/103168", "https://support.apple.com//en-us/103235", "https://support.apple.com/en-us/HT212807" ], "module": "CoreGraphics", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Rui Yang and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30929", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Oguz K\u0131rat, Matthias Keller (m-keller.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30930", "impact": "An attacker may be able to track users through their IP address", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236", "https://support.apple.com//en-us/103237" ], "module": "WebRTC", "rsr": "", "update": "November 18, 2021, updated September 16, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur", "macOS Catalina" ], "credit": "Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30931", "impact": "A malicious application may be able to disclose kernel memory", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169", "https://support.apple.com//en-us/103236" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Jack Dates of RET2 Systems, Inc.", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30933", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103236" ], "module": "Graphics Drivers", "rsr": "", "update": "March 31, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Dani Biro", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30934", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30935", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "CoreBluetooth", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30936", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2021-30937", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30938", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro, Jaewon Min of Cisco Talos, Rui Yang and Xingwei Lin of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30939", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "ImageIO", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Rui Yang and Xingwei Lin of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30940", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Rui Yang and Xingwei Lin of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30941", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mateusz Jurczyk of Google Project Zero", "description": "A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.", "id": "CVE-2021-30942", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Joshua Sardella", "description": "An issue in the handling of group membership was resolved with improved logic.", "id": "CVE-2021-30943", "impact": "A malicious user may be able to leave a messages group but continue to receive messages in that group", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874" ], "module": "Messages", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30944", "impact": "A malicious app may be able to access data from other apps by enabling additional logging", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "SQLite", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30945", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "@gorelics, and Ron Masas of BreakPoint.sh", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30946", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876" ], "module": "Sandbox", "rsr": "", "update": "May 11, 2023" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2021-30947", "impact": "An application may be able to access a user's files", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ian Beer of Google Project Zero", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2021-30949", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "@gorelics", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30950", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Archive Utility", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Pangu via Tianfu Cup", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30951", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "@18f and @jq0904 of DBAPP Security\u2018s weibin lab via Tianfu Cup", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2021-30952", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Jianjun Dai of 360 Vulnerability Research Institute via Tianfu Cup", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-30953", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Kunlun Lab via Tianfu Cup", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2021-30954", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Zweig of Kunlun Lab", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30955", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow was addressed with improved memory handling.", "id": "CVE-2021-30957", "impact": "Processing a maliciously crafted audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885" ], "module": "CoreAudio", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30958", "impact": "Playing a malicious audio file may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30959", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "CoreAudio", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30960", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30961", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "CoreAudio", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "macOS Big Sur" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2021-30962", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885" ], "module": "CoreAudio", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30963", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "CoreAudio", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Andy Grant of Zoom Video Communications", "description": "An inherited permissions issue was addressed with additional restrictions.", "id": "CVE-2021-30964", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30965", "impact": "A malicious application may be able to cause a denial of service to Endpoint Security clients", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Michal Rajcan of Jamf, Matt Vlasach of Jamf (Wandera)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30966", "impact": "User traffic might unexpectedly be leaked to a proxy server despite PAC configurations", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "CFNetwork Proxies", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A validation issue related to hard link behavior was addressed with improved sandbox restrictions.", "id": "CVE-2021-30968", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2021-30969", "impact": "Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Help Viewer", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Jonathan Bar Or of Microsoft", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30970", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2021-30971", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Xuxiang Yang (@another1024), Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Csaba Fitzl (@theevilbit) of Offensive Security, jhftss (@patch1t), Wojciech Regu\u0142a (@_r3ggi)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30972", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com//en-us/102874" ], "module": "TCC", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-30973", "impact": "Processing a maliciously crafted file may disclose user information", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary.", "id": "CVE-2021-30975", "impact": "A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restrictions", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Script Editor", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent Security Xuanwu Lab", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-30976", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jack Dates of RET2 Systems, Inc.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-30977", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30979", "impact": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2021-30980", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Liu Long of Ant Security Light-Year Lab, Jack Dates of RET2 Systems, Inc.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-30981", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "Intel Graphics Driver", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-30982", "impact": "A remote attacker may be able to cause unexpected application termination or heap corruption", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "IOUSBHostFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Kunlun Lab via Tianfu Cup", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30984", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103170" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.", "description": "A device configuration issue was addressed with an updated configuration.", "id": "CVE-2021-30986", "impact": "A device may be passively tracked by its Bluetooth MAC address", "links": [ "https://support.apple.com//en-us/102874" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Jason Meller, Fritz Ifert-Miller, and Joseph Sokol-Margolis of Kolide", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-30987", "impact": "A device may be passively tracked via BSSIDs", "links": [ "https://support.apple.com//en-us/102874" ], "module": "Airport", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ron Masas of BreakPoint.sh", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2021-30990", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103169" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "OSS-Fuzz, Ned Williamson of Google Project Zero", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30993", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)" ], "credit": "Sergii Kryvoblotskyi of MacPaw Inc.", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-30994", "impact": "A malicious application may be able to access local users' Apple IDs", "links": [ "https://support.apple.com//en-us/103236" ], "module": "App Store", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30995", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885", "https://support.apple.com//en-us/103169" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Saar Amar (@AmarSaar)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2021-30996", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com//en-us/102874" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2021-30999", "impact": "A user may be unable to fully delete browsing history", "links": [ "https://support.apple.com/en-us/HT212528" ], "module": "Safari", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Monterey" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-31000", "impact": "A malicious application may be able to read sensitive contact information", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102885" ], "module": "Game Center", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Rajanish Pathak (@h4ckologic) and Hardik Mehta (@hardw00t)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2021-31001", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com//en-us/103235" ], "module": "Telephony", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2021-31002", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103236" ], "module": "SMB", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A race condition was addressed with improved locking.", "id": "CVE-2021-31004", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com//en-us/103236", "https://support.apple.com/en-us/HT212602" ], "module": "Security", "rsr": "", "update": "March 31, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Jonathan Austin of Wells Fargo, Attila Soki", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-31005", "impact": "Turning off \"Block all remote content\" may not apply to all remote content types", "links": [ "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "March 31, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-31006", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "App Store", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2021-31007", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/103161", "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103167" ], "module": "File Provider", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2021-31008", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com//en-us/103165", "https://support.apple.com//en-us/103166", "https://support.apple.com//en-us/103167", "https://support.apple.com//en-us/103235", "https://support.apple.com//en-us/103236" ], "module": "WebKit", "rsr": "", "update": "March 31, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "Multiple issues were addressed by removing HDF5.", "id": "CVE-2021-31009", "impact": "Multiple issues in HDF5", "links": [ "https://support.apple.com//en-us/102874" ], "module": "Model I/O", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina" ], "credit": "Citizen Lab and Google Project Zero", "description": "A deserialization issue was addressed through improved validation.", "id": "CVE-2021-31010", "impact": "A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.", "links": [ "https://support.apple.com//en-us/103147", "https://support.apple.com//en-us/103148", "https://support.apple.com//en-us/103157", "https://support.apple.com/en-us/HT212806", "https://support.apple.com/en-us/HT212807" ], "module": "Core Telephony", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later)" ], "credit": "Michal Moravec of Logicworks, s.r.o.", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2021-31011", "impact": "A user in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com//en-us/103236" ], "module": "Managed Configuration", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Daniel Lim Wee Soong of STAR Labs", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2021-31013", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com//en-us/102761", "https://support.apple.com//en-us/102874", "https://support.apple.com//en-us/102876", "https://support.apple.com//en-us/102885" ], "module": "FontParser", "rsr": "", "update": "September 16, 2022" }, { "available": [ "macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6" ], "credit": "Qualys", "description": "This issue was addressed by updating to sudo version 1.9.5p2.", "id": "CVE-2021-3156", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT212177" ], "module": "Sudo", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-3518", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT212601", "https://support.apple.com/en-us/HT212602", "https://support.apple.com/en-us/HT212604", "https://support.apple.com/en-us/HT212605" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "Sourav Newatia (linkedin.com/in/sourav-newatia-5b0848a8)", "description": "This issue was addressed by using HTTPS when sending information over the network.", "id": "CVE-2021-46841", "impact": "An attacker in a privileged network position can track a user's activity", "links": [ "https://support.apple.com/en-us/HT213472" ], "module": "Apple Music on Android", "rsr": "", "update": "" } ] ================================================ FILE: 2021/README.md ================================================ # Apple CVE 2021 * data source: https://support.apple.com/en-us/HT201222 * [2021.json](2021.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2021-1782 | Kernel | | 2 | CVE-2021-1870 | WebKit | | 3 | CVE-2021-1871 | WebKit | | 4 | CVE-2021-1879 | WebKit | | 5 | CVE-2021-30657 | System Preferences | | 6 | CVE-2021-30661 | WebKit Storage | | 7 | CVE-2021-30665 | WebKit | | 8 | CVE-2021-30666 | WebKit | | 9 | CVE-2021-30761 | WebKit | | 10 | CVE-2021-30762 | WebKit | | 11 | CVE-2021-30807 | IOMobileFrameBuffer | | 12 | CVE-2021-30858 | WebKit | | 13 | CVE-2021-30860 | CoreGraphics | | 14 | CVE-2021-30869 | XNU | | 15 | CVE-2021-30883 | IOMobileFrameBuffer | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 53 | | 2 | ImageIO | 43 | | 3 | Kernel | 39 | | 4 | Model I/O | 30 | | 5 | FontParser | 18 | | 6 | CoreAudio | 15 | | 7 | Intel Graphics Driver | 14 | | 8 | OpenLDAP | 11 | | 9 | Sandbox | 10 | | 10 | Bluetooth | 9 | | 11 | TCC | 9 | | 12 | IDE Xcode Server | 8 | | 13 | Wi-Fi | 8 | | 14 | Measure | 7 | | 15 | Audio | 7 | | 16 | Preferences | 6 | | 17 | CoreText | 6 | | 18 | CoreGraphics | 6 | | 19 | smbx | 6 | | 20 | WebRTC | 5 | | 21 | Crash Reporter | 5 | | 22 | Heimdal | 5 | | 23 | AppleScript | 5 | | 24 | Login Window | 4 | | 25 | curl | 4 | | 26 | Messages | 4 | | 27 | Safari | 4 | | 28 | App Store | 4 | | 29 | LaunchServices | 4 | | 30 | Graphics Drivers | 4 | | 31 | SMB | 4 | | 32 | Foundation | 3 | | 33 | Telephony | 3 | | 34 | Siri | 3 | | 35 | FaceTime | 3 | | 36 | GPU Drivers | 3 | | 37 | SoftwareUpdate | 3 | | 38 | CVMS | 3 | | 39 | IOMobileFrameBuffer | 3 | | 40 | CUPS | 3 | | 41 | Game Center | 3 | | 42 | ColorSync | 3 | | 43 | Screen Sharing | 2 | | 44 | SQLite | 2 | | 45 | Directory Utility | 2 | | 46 | iTunes Store | 2 | | 47 | Analytics | 2 | | 48 | IOKit | 2 | | 49 | APFS | 2 | | 50 | Archive Utility | 2 | | 51 | AppleMobileFileIntegrity | 2 | | 52 | Notes | 2 | | 53 | Apple Neural Engine | 2 | | 54 | AMD | 2 | | 55 | Kext Management | 2 | | 56 | Mail | 2 | | 57 | AVEVideoEncoder | 2 | | 58 | IOUSBHostFamily | 2 | | 59 | Security | 2 | | 60 | CoreServices | 2 | | 61 | AppKit | 2 | | 62 | Image Processing | 2 | | 63 | UIKit | 2 | | 64 | libexpat | 1 | | 65 | Power Management | 1 | | 66 | CFNetwork Cache | 1 | | 67 | wifivelocityd | 1 | | 68 | tcpdump | 1 | | 69 | NetFSFramework | 1 | | 70 | Phone Keypad | 1 | | 71 | IOSkywalkFamily | 1 | | 72 | CoreMedia | 1 | | 73 | CoreAnimation | 1 | | 74 | Swift | 1 | | 75 | DiskArbitration | 1 | | 76 | FairPlay | 1 | | 77 | Xcode IDE | 1 | | 78 | Endpoint Security | 1 | | 79 | Core Motion | 1 | | 80 | Networking | 1 | | 81 | MobileInstallation | 1 | | 82 | Shortcuts | 1 | | 83 | MobileAccessoryUpdater | 1 | | 84 | Accessibility | 1 | | 85 | Assets | 1 | | 86 | Time Machine | 1 | | 87 | Wallet | 1 | | 88 | CFNetwork | 1 | | 89 | Quick Response | 1 | | 90 | Password Manager | 1 | | 91 | SampleAnalysis | 1 | | 92 | WindowServer | 1 | | 93 | libxslt | 1 | | 94 | NSRemoteView | 1 | | 95 | Git | 1 | | 96 | libxpc | 1 | | 97 | GarageBand | 1 | | 98 | System Preferences | 1 | | 99 | Installer | 1 | | 100 | CoreFoundation | 1 | | 101 | WebKit Storage | 1 | | 102 | Software Update | 1 | | 103 | Dock | 1 | | 104 | Boot Camp | 1 | | 105 | NSOpenPanel | 1 | | 106 | Core Services | 1 | | 107 | apache | 1 | | 108 | CommCenter | 1 | | 109 | PackageKit | 1 | | 110 | Compression | 1 | | 111 | MediaRemote | 1 | | 112 | iMovie | 1 | | 113 | ActionKit | 1 | | 114 | dyld | 1 | | 115 | Identity Service | 1 | | 116 | CoreStorage | 1 | | 117 | Identity Services | 1 | | 118 | Find My | 1 | | 119 | AMD Kernel | 1 | | 120 | Family Sharing | 1 | | 121 | IOGraphics | 1 | | 122 | CoreML | 1 | | 123 | xar | 1 | | 124 | Accessory Manager | 1 | | 125 | Gatekeeper | 1 | | 126 | iTunes U | 1 | | 127 | Face ID | 1 | | 128 | bootp | 1 | | 129 | iCloud Photo Library | 1 | | 130 | XNU | 1 | | 131 | Quick Look | 1 | | 132 | NetworkExtension | 1 | | 133 | FileProvider | 1 | | 134 | zsh | 1 | | 135 | Privacy | 1 | | 136 | Voice Control | 1 | | 137 | Continuity Camera | 1 | | 138 | iCloud | 1 | | 139 | Windows Server | 1 | | 140 | Status Bar | 1 | | 141 | File System | 1 | | 142 | CoreBluetooth | 1 | | 143 | CFNetwork Proxies | 1 | | 144 | Help Viewer | 1 | | 145 | Script Editor | 1 | | 146 | Airport | 1 | | 147 | File Provider | 1 | | 148 | Core Telephony | 1 | | 149 | Managed Configuration | 1 | | 150 | Sudo | 1 | | 151 | libxml2 | 1 | | 152 | Apple Music on Android | 1 | ================================================ FILE: 2022/2022.json ================================================ [ { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Kostya Kortchinsky of Google Security Team", "description": "This issue was addressed with improved checks.", "id": "CVE-2015-4142", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/HT213258" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Tavis Ormandy", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2018-25032", "impact": "An attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "", "description": "Multiple issues were addressed with updating FasterXML jackson-databind and Apache Log4j2.", "id": "CVE-2019-14379", "impact": "Multiple issues in iTMSTransporter", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "iTMSTransporter", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.79.1.", "id": "CVE-2021-22945", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "curl", "rsr": "", "update": "March 21, 2022" }, { "available": [ "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.79.1.", "id": "CVE-2021-22946", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "curl", "rsr": "", "update": "March 21, 2022" }, { "available": [ "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.79.1.", "id": "CVE-2021-22947", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "curl", "rsr": "", "update": "March 21, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Evgeny Kotkov, visualsvn.com", "description": "Multiple issues were addressed by updating subversion.", "id": "CVE-2021-28544", "impact": "Multiple issues in subversion", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2021-30918", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "@gorelics, and Ron Masas of BreakPoint.sh", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2021-30946", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213056", "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213193", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344" ], "module": "LaunchServices", "rsr": "", "update": "June 6, 2023" }, { "available": [ "macOS Big Sur" ], "credit": "JunDong Xie of Ant Security Light-Year Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2021-30960", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT213055" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina" ], "credit": "Xuxiang Yang (@another1024), Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Csaba Fitzl (@theevilbit) of Offensive Security, jhftss (@patch1t), Wojciech Regu\u0142a (@_r3ggi)", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-30972", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213055", "https://support.apple.com/en-us/HT213056" ], "module": "TCC", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Jack Dates of RET2 Systems, Inc.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-30977", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "Graphics Drivers", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2021-36690", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "", "description": "Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation.", "id": "CVE-2021-36976", "impact": "Multiple issues in libarchive", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213193" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2021-39537", "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4136", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4166", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4173", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4187", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4192", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-4193", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating apache to version 2.4.53.", "id": "CVE-2021-44224", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "", "description": "Multiple issues were addressed with updating FasterXML jackson-databind and Apache Log4j2.", "id": "CVE-2021-44228", "impact": "Multiple issues in iTMSTransporter", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "iTMSTransporter", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating apache to version 2.4.53.", "id": "CVE-2021-44790", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "This issue was addressed by updating to zsh version 5.8.1.", "id": "CVE-2021-45444", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "zsh", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2021-46059", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0128", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213343" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0156", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213344" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0158", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213344" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0261", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0318", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0319", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0351", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0359", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0361", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0368", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0392", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "A denial of service issue was addressed with improved state handling.", "id": "CVE-2022-0530", "impact": "Processing a maliciously crafted file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0554", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0572", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0629", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0685", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0696", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0714", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0729", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "A denial of service issue was addressed with improved input validation.", "id": "CVE-2022-0778", "impact": "Processing a maliciously crafted certificate may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "LibreSSL", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-0943", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1381", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1420", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1616", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1619", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1620", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1621", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2022-1622", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1629", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1674", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1720", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1725", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1733", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1735", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1769", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1851", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1897", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1898", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1927", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1942", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-1968", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-2000", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-2042", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-2124", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-2125", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2022-2126", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Florian Weimer (@fweimer)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2022-21658", "impact": "An application may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "LLVM", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2022-22578", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213059" ], "module": "Crash Reporter", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An information disclosure issue was addressed with improved state management.", "id": "CVE-2022-22579", "impact": "Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213055", "https://support.apple.com/en-us/HT213056", "https://support.apple.com/en-us/HT213057" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Richard Warren of NCC Group", "description": "A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.", "id": "CVE-2022-22582", "impact": "A local user may be able to write arbitrary files", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "xar", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ron Hass (@ronhass7) of Perception Point, Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2022-22583", "impact": "An application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213055", "https://support.apple.com/en-us/HT213056" ], "module": "PackageKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-22584", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213059" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (https://xlab.tencent.com)", "description": "An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.", "id": "CVE-2022-22585", "impact": "An application may be able to access a user's files", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213055", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213059" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22586", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213054" ], "module": "AMD Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher, Meysam Firouzi (@R00tkitSMM) of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri (@b1n4r1b01)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-22587", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213055" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Trevor Spiniolas (@TrevorSpiniolas)", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2022-22588", "impact": "Processing a maliciously crafted HomeKit accessory name may cause a denial of service", "links": [ "https://support.apple.com/en-us/HT213043" ], "module": "HomeKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Big Sur and macOS Catalina", "macOS Catalina", "macOS Monterey" ], "credit": "Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2022-22589", "impact": "Processing a maliciously crafted mail message may lead to running arbitrary javascript", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213058", "https://support.apple.com/en-us/HT213059", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Toan Pham from Team Orca of Sea Security (security.sea.com)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22590", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213058", "https://support.apple.com/en-us/HT213059" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Antonio Zekic (@antoniozekic) of Diverto", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2022-22591", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213054" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Prakash (@1lastBr3ath)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22592", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213058", "https://support.apple.com/en-us/HT213059" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-22593", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213055", "https://support.apple.com/en-us/HT213056", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213059" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Martin Bajanik of FingerprintJS", "description": "A cross-origin issue in the IndexDB API was addressed with improved input validation.", "id": "CVE-2022-22594", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT213053", "https://support.apple.com/en-us/HT213054", "https://support.apple.com/en-us/HT213057", "https://support.apple.com/en-us/HT213058", "https://support.apple.com/en-us/HT213059" ], "module": "WebKit Storage", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-22596", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Qi Sun and Robert Ai of Trend Micro", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-22597", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Will Blaschko of Team Quasko", "description": "An issue with app access to camera metadata was addressed with improved logic.", "id": "CVE-2022-22598", "impact": "An app may be able to learn information about the current camera view before being granted camera access", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg-/)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2022-22599", "impact": "A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213193" ], "module": "Siri", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Sudhakar Muthumani (@sudhakarmuthu04) of Primefort Private Limited, Khiem Tran", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2022-22600", "impact": "A malicious application may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Sandbox", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22601", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22602", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22603", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22604", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22605", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22606", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22607", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 and later" ], "credit": "hjy79425575", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22608", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213189" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t), and Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2022-22609", "impact": "A malicious application may be able to read other applications' settings", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Preferences", "rsr": "", "update": "June 8, 2023" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "232812", "credit": "Quan Yin of Bigo Technology Live Client Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-22610", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Xingyu Jin of Google", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-22611", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213188", "https://support.apple.com/en-us/HT213193" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Xingyu Jin of Google", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2022-22612", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213188", "https://support.apple.com/en-us/HT213193" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher, Alex", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22613", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22614", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22615", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22616", "impact": "A maliciously crafted ZIP archive may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "BOM", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22617", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213257" ], "module": "PackageKit", "rsr": "", "update": "July 6, 2022" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Yicong Ding (@AntonioDing)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22618", "impact": "A user may be able to bypass the Emergency SOS passcode prompt", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213193" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22620", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213091", "https://support.apple.com/en-us/HT213092", "https://support.apple.com/en-us/HT213093" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Joey Hewitt", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22621", "impact": "A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ingyu Lim (@_kanarena)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22622", "impact": "A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "Markup", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "233172", "credit": "Kirin (@Pwnrin) of Tencent Security Xuanwu Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22624", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-22625", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22626", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Qi Sun and Robert Ai of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22627", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "234147", "credit": "Kirin (@Pwnrin) of Tencent Security Xuanwu Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22628", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "234966", "credit": "Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-22629", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213188", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jeremy Brown working with Trend Micro Zero Day Initiative", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22630", "impact": "A remote user may cause an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256" ], "module": "AppleEvents", "rsr": "", "update": "June 6, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of cyberserval", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22631", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleGraphicsControl", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Keegan Saunders", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22632", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "ryuzaki", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-22633", "impact": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Accelerate Framework", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2022-22634", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213186" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22635", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213186" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22636", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213186" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "235294", "credit": "Tom McKee of Google", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22637", "impact": "A malicious website may cause unexpected cross-origin behavior", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "derrek (@derrekr6)", "description": "A null pointer dereference was addressed with improved validation.", "id": "CVE-2022-22638", "impact": "An attacker in a privileged position may be able to perform a denial of service attack", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22639", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "sqrtpwn", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-22640", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22641", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213186" ], "module": "IOGPUFamily", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Yicong Ding (@AntonioDing)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22642", "impact": "A user may be able to bypass the Emergency SOS passcode prompt", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Monterey" ], "credit": "Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of University of Florida", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22643", "impact": "A user may send audio and video in a FaceTime call without knowing that they have done so", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "FaceTime", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Monterey" ], "credit": "Thomas Roth (@stacksmashing) of leveldown security", "description": "A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.", "id": "CVE-2022-22644", "impact": "A malicious application may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "NSSpellChecker", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t), Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2022-22646", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213054" ], "module": "PackageKit", "rsr": "", "update": "May 11, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Yuto Ikeda of Kyushu University", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22647", "impact": "A person with access to a Mac may be able to bypass Login Window", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "Login Window", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22648", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "AppleScript", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22650", "impact": "A plug-in may be able to inherit the application's permissions and access user data", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "QuickTime Player", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Felix Poulin-Belanger", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22651", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184" ], "module": "SMB", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ka\u011fan E\u011flence (linkedin.com/in/kaganeglence), O\u011fuz K\u0131rat (@oguzkirat)", "description": "The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel.", "id": "CVE-2022-22652", "impact": "A person with physical access may be able to view and modify the carrier account information and settings from the lock screen", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "Cellular", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Aymeric Chaib of CERT Banque de France", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-22653", "impact": "A malicious website may be able to access information about the user and their devices", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "macOS Big Sur and macOS Catalina" ], "credit": "Abdullah Md Shaleh of take0ver", "description": "A user interface issue was addressed.", "id": "CVE-2022-22654", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213187", "https://support.apple.com/en-us/HT213193" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "An access issue was addressed with improvements to the sandbox.", "id": "CVE-2022-22655", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183" ], "module": "Sandbox", "rsr": "", "update": "June 8, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2022-22656", "impact": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "LoginWindow", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur 11.5 and later", "macOS Monterey" ], "credit": "Brandon Perry of Atredis Partners", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2022-22657", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213190", "https://support.apple.com/en-us/HT213191" ], "module": "MIDI", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later" ], "credit": "", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2022-22658", "impact": "Processing a maliciously crafted email message may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213480" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "George Chen Kaidi of PayPal", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-22659", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "NetworkExtension", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2022-22660", "impact": "An app may be able to spoof system notifications and UI", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "System Preferences", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of cyberserval, and Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2022-22661", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "Intel Graphics Driver", "rsr": "", "update": "May 25, 2022, updated June 8, 2023" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Prakash (@1lastBr3ath) of Threat Nix", "description": "A cookie management issue was addressed with improved state management.", "id": "CVE-2022-22662", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213188", "https://support.apple.com/en-us/HT213193" ], "module": "WebKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2022-22663", "impact": "A malicious application may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213488" ], "module": "CoreTypes", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Big Sur 11.5 and later", "macOS Monterey" ], "credit": "Brandon Perry of Atredis Partners", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-22664", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213190", "https://support.apple.com/en-us/HT213191" ], "module": "MIDI", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Lockheed Martin Red Team", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2022-22665", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Marc Schoenefeld, Dr. rer. nat.", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-22666", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Justin Sherman of the University of Maryland, Baltimore County", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22667", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "MrPhil17", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-22668", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-22669", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Brandon Azad", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-22670", "impact": "A malicious application may be able to identify what other applications a user has installed", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213186", "https://support.apple.com/en-us/HT213193" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "videosdebarraquito", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2022-22671", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/HT213182" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Siddharth Aeri (@b1n4r1b01)", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2022-22672", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213182", "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "MobileAccessoryUpdater", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-22673", "impact": "Processing a large input may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT213258" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2022-22674", "impact": "A local user may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/HT213220", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256" ], "module": "Graphics Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-22675", "impact": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213219", "https://support.apple.com/en-us/HT213220", "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213256" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An event handler validation issue in the XPC Services API was addressed by removing the service.", "id": "CVE-2022-22676", "impact": "An application may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/HT213054" ], "module": "PackageKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "bugzilla": "237524", "credit": "an anonymous researcher", "description": "A logic issue in the handling of concurrent media was addressed with improved state handling.", "id": "CVE-2022-22677", "impact": "Video self-preview in a webRTC call may be interrupted if the user answers a phone call", "links": [ "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating apache to version 2.4.53.", "id": "CVE-2022-22719", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating apache to version 2.4.53.", "id": "CVE-2022-22720", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating apache to version 2.4.53.", "id": "CVE-2022-22721", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "242339", "credit": "Jan Vojtesek of Avast Threat Intelligence team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-2294", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution.", "links": [ "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-23308", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Evgeny Kotkov, visualsvn.com", "description": "Multiple issues were addressed by updating subversion.", "id": "CVE-2022-24070", "impact": "Multiple issues in subversion", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 or later" ], "credit": "\u4fde\u6668\u4e1c", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-24765", "impact": "On multi-user machines Git users might find themselves unexpectedly in a Git worktree", "links": [ "https://support.apple.com/en-us/HT213261" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-24836", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213532" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An issue in the handling of symlinks was addressed with improved validation.", "id": "CVE-2022-26688", "impact": "A malicious app with root privileges may be able to modify the contents of system files", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "PackageKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A race condition was addressed with additional validation.", "id": "CVE-2022-26690", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213183" ], "module": "PackageKit", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Joshua Mason of Mandiant", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26691", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "CUPS", "rsr": "", "update": "May 25, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26693", "impact": "A plug-in may be able to inherit the application's permissions and access user data", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Preview", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26694", "impact": "A plug-in may be able to inherit the application's permissions and access user data", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Ron Waisberg, an anonymous researcher, Wojciech Regu\u0142a (@_r3ggi) of SecuRing, and Ron Hass (@ronhass7) of Perception Point", "description": "This issue was addressed with improved environment sanitization.", "id": "CVE-2022-26696", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Terminal", "rsr": "", "update": "September 16, 2022, updated October 31, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Qi Sun and Robert Ai of Trend Micro", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-26697", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Qi Sun of Trend Micro", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-26698", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26699", "impact": "An app may be able to cause a denial-of-service to Endpoint Security clients", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "TCC", "rsr": "", "update": "August 1, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "238178", "credit": "ryuzaki", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26700", "impact": "Processing maliciously crafted web content may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213260" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab", "description": "A race condition was addressed with improved locking.", "id": "CVE-2022-26701", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher, Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26702", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213258" ], "module": "AppleAVD", "rsr": "", "update": "June 7, 2023" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Salman Syed (@slmnsd551)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2022-26703", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/HT213258" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Joshua Mason of Mandiant", "description": "A validation issue in the handling of symlinks was addressed with improved validation of symlinks.", "id": "CVE-2022-26704", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Arsenii Kostromin (0x3c3e), Jonathan Bar Or of Microsoft", "description": "An access issue was addressed with additional sandbox restrictions on third-party applications.", "id": "CVE-2022-26706", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "LaunchServices", "rsr": "", "update": "July 6, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "An issue in the handling of environment variables was addressed with improved validation.", "id": "CVE-2022-26707", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "July 6, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Max Shavrick (@_mxms) of the Google Security Team", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26708", "impact": "An attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "libresolv", "rsr": "", "update": "June 21, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "236950", "credit": "Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26709", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213260" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "bugzilla": "237475", "credit": "Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26710", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative", "description": "An integer overflow issue was addressed with improved input validation.", "id": "CVE-2022-26711", "impact": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213259" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2022-26712", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs (@starlabs_sg)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-26714", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26715", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "238183", "credit": "SorryMybad (@S0rryMybad) of Kunlun Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26716", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213260" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "238171", "credit": "Jeonghoon Shin of Theori", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26717", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213259", "https://support.apple.com/en-us/HT213260" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-26718", "impact": "An application may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "238699", "credit": "Dongzhuo Zhao working with ADLab of Venustech", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26719", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213260" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Liu Long of Ant Security Light-Year Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26720", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Yonghwi Jin (@jinmo123) of Theori", "description": "A memory initialization issue was addressed.", "id": "CVE-2022-26721", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "CVMS", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Yonghwi Jin (@jinmo123) of Theori", "description": "A memory initialization issue was addressed.", "id": "CVE-2022-26722", "impact": "A malicious application may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "CVMS", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Felix Poulin-Belanger", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-26723", "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD" ], "credit": "Jorge A. Caballero (@DataDrivenMD)", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2022-26724", "impact": "A local user may be able to enable iCloud Photos without authentication", "links": [ "https://support.apple.com/en-us/HT213254" ], "module": "AuthKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Andrew Williams and Avi Drissman of Google", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26725", "impact": "Photo location information may persist after it is removed with Preview Inspector", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Antonio Cheong Yu Xuan of YCISCQ", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26726", "impact": "An app may be able to capture a user's screen", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "TCC", "rsr": "", "update": "June 6, 2023" }, { "available": [ "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2022-26727", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213257" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2022-26728", "impact": "A malicious application may be able to access restricted files", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "David Hoyt of Hoyt LLC", "description": "A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.", "id": "CVE-2022-26730", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26731", "impact": "A malicious website may be able to track users in Safari private browsing mode", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Safari Private Browsing", "rsr": "", "update": "July 6, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26736", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26737", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26738", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26739", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26740", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26741", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26742", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Jordy Zomer (@pwningsystems)", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-26743", "impact": "An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26744", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213446" ], "module": "GPU Drivers", "rsr": "", "update": "October 27, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Scarlet Raine", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-26745", "impact": "A malicious application may disclose restricted memory", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Wi-Fi", "rsr": "", "update": "July 6, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "@gorelics", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2022-26746", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12 or later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26747", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213261" ], "module": "IDE", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-26748", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26749", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26750", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-26751", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213259" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26752", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26753", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-26754", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "This issue was addressed with improved environment sanitization.", "id": "CVE-2022-26755", "impact": "A malicious application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Tcl", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jack Dates of RET2 Systems, Inc", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-26756", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ned Williamson of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26757", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26758", "impact": "A malicious application may cause unexpected changes in memory shared between processes", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "08Tc3wBB of ZecOps Mobile EDR Team", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26760", "impact": "A malicious application may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213258" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of Cyberserval", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2022-26761", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Wang Yu of Cyberserval", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2022-26762", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2022-26763", "impact": "A malicious application may be able to execute arbitrary code with system privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "DriverKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-26764", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2022-26765", "impact": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "A certificate parsing issue was addressed with improved checks.", "id": "CVE-2022-26766", "impact": "A malicious app may be able to bypass signature validation", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2022-26767", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26768", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213346" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Antonio Zekic (@antoniozekic)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-26769", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Liu Long of Ant Security Light-Year Lab", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-26770", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26771", "impact": "A malicious application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213258" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-26772", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "credit": "Sai Wynn Myat (@404death)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26773", "impact": "An application may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/HT213259" ], "module": "Mobile Device Service", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "credit": "Sai Wynn Myat (@404death)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-26774", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT213259" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina", "macOS Monterey" ], "credit": "Max Shavrick (@_mxms) of the Google Security Team", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2022-26775", "impact": "An attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "libresolv", "rsr": "", "update": "June 21, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Max Shavrick (@_mxms) of the Google Security Team, Zubair Ashraf of Crowdstrike", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26776", "impact": "An attacker may be able to cause unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "libresolv", "rsr": "", "update": "June 21, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-26981", "impact": "An app may cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Liblouis", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "A memory corruption issue was addressed by updating Ruby to version 2.6.10.", "id": "CVE-2022-28739", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Evgeny Kotkov, visualsvn.com", "description": "Multiple issues were addressed by updating subversion.", "id": "CVE-2022-29046", "impact": "Multiple issues in subversion", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Evgeny Kotkov, visualsvn.com", "description": "Multiple issues were addressed by updating subversion.", "id": "CVE-2022-29048", "impact": "Multiple issues in subversion", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "subversion", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-29181", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213532" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.5 and later" ], "credit": "Carlo Marcelo Arenas Bel\u00f3n and Johannes Schindelin", "description": "Multiple issues were addressed by updating to git version 2.32.3.", "id": "CVE-2022-29187", "impact": "Multiple issues in git", "links": [ "https://support.apple.com/en-us/HT213496" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2022-29458", "impact": "Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.84.0.", "id": "CVE-2022-32205", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.84.0.", "id": "CVE-2022-32206", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.84.0.", "id": "CVE-2022-32207", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.84.0.", "id": "CVE-2022-32208", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2022-32781", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2022-32782", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Photo Booth", "rsr": "", "update": "July 6, 2022" }, { "available": [ "macOS Monterey" ], "credit": "Jon Thompson of Evolve (Des Moines, IA)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32783", "impact": "An app may gain unauthorized access to Bluetooth", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Bluetooth", "rsr": "", "update": "July 6, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina" ], "credit": "Young Min Kim of CompSec Lab at Seoul National University", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2022-32784", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213346" ], "module": "Safari Extensions", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A null pointer dereference was addressed with improved validation.", "id": "CVE-2022-32785", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "An issue in the handling of environment variables was addressed with improved validation.", "id": "CVE-2022-32786", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32787", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Natalie Silvanovich of Google Project Zero", "description": "A buffer overflow issue was addressed with improved bounds checking.", "id": "CVE-2022-32788", "impact": "A remote user may be able to cause kernel code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32789", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "Automation", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Max Shavrick (@_mxms) of the Google Security Team", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32790", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213253", "https://support.apple.com/en-us/HT213254", "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257", "https://support.apple.com/en-us/HT213258" ], "module": "libresolv", "rsr": "", "update": "June 21, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "240720", "credit": "Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-32792", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "Multiple out-of-bounds write issues were addressed with improved bounds checking.", "id": "CVE-2022-32793", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346", "https://support.apple.com/en-us/HT213446" ], "module": "GPU Drivers", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32794", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213255", "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "PackageKit", "rsr": "", "update": "October 4, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32795", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-32796", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32797", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-32798", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Catalina", "macOS Monterey" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "An out-of-bounds read issue was addressed with improved bounds checking.", "id": "CVE-2022-32799", "impact": "A user in a privileged network position may be able to leak sensitive information", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213345" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32800", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Joshua Mason (@josh@jhu.edu)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32801", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32802", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "ImageIO", "rsr": "", "update": "September 16, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2022-32805", "impact": "An app may be able to access sensitive user information", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab", "description": "This issue was addressed with improved file handling.", "id": "CVE-2022-32807", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Spindump", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-32809", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "ImageIO", "rsr": "", "update": "August 1, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32810", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "ABC Research s.r.o", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2022-32811", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Yinyi Wu (@3ndy1), ABC Research s.r.o.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32812", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32813", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "Pan ZhenPeng (@Peterpan0927)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2022-32814", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32815", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "bugzilla": "239316", "credit": "Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2022-32816", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab", "description": "An out-of-bounds read issue was addressed with improved bounds checking.", "id": "CVE-2022-32817", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32818", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Joshua Mason of Mandiant", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32819", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "File System Events", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-32820", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "John Aakerblom (@jaakerblom)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-32821", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2022-32823", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32824", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213346" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "John Aakerblom (@jaakerblom)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32825", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2022-32826", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-32827", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32828", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Tingting Yin of Tsinghua University, and Min Zheng of Ant Group", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32829", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Kernel", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read issue was addressed with improved bounds checking.", "id": "CVE-2022-32830", "impact": "Processing a maliciously crafted image may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213346" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-32831", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Tommy Muir (@Muirey03)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32832", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2022-32833", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "WebKit Storage", "rsr": "", "update": "December 22, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Xuxiang Yang (@another1024) of Tencent Security Xuanwu Lab (xlab.tencent.com), Gordon Long, Thijs Alkemade (@xnyhps) of Computest Sector 7, Adam Chester from TrustedSec, Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "An access issue was addressed with improvements to the sandbox.", "id": "CVE-2022-32834", "impact": "An app may be able to access sensitive user information", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "TCC", "rsr": "", "update": "September 16, 2022, updated June 6, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2022-32835", "impact": "An app may be able to read a persistent device identifier", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486" ], "module": "Watch app", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "hluwa", "description": "This issue was addressed with improved state management.", "id": "CVE-2022-32836", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213473" ], "module": "Apple Music on Android", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of Cyberserval", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32837", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Wi-Fi", "rsr": "", "update": "September 16, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32838", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "PluginKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "STAR Labs (@starlabs_sg)", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32839", "impact": "A remote user may cause an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32840", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Monterey" ], "credit": "hjy79425575", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32841", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Catalina", "macOS Monterey" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-32842", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213345" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Kai Lu of Zscaler's ThreatLabz", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32843", "impact": "Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "PS Normalizer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Sreejith Krishnan R (@skr0x1c0)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32844", "impact": "An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213346" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32845", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "Martin Mwangi Kibuchi", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32846", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213473" ], "module": "Apple Music on Android", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of Cyberserval", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32847", "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Jeremy Legendre of MacEnhance", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32848", "impact": "An app may be able to capture a user\u2019s screen", "links": [ "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Windows Server", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Joshua Jones", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2022-32849", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346", "https://support.apple.com/en-us/HT213488" ], "module": "iCloud Photo Library", "rsr": "", "update": "November 9, 2022" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-32851", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Ye Zhang (@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-32852", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ye Zhang(@co0py_Cat) of Baidu Security", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2022-32853", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32854", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Zitong Wu(\u5434\u6893\u6850) from Zhuhai No.1 Middle School(\u73e0\u6d77\u5e02\u7b2c\u4e00\u4e2d\u5b66)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32855", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/HT213346" ], "module": "Home", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Jeffrey Paul (sneak.berlin)", "description": "This issue was addressed by using HTTPS when sending information over the network.", "id": "CVE-2022-32857", "impact": "A user in a privileged network position can track a user\u2019s activity", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32858", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later" ], "credit": "", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32859", "impact": "Deleted contacts may still appear in spotlight search results", "links": [ "https://support.apple.com/en-us/HT213446" ], "module": "Time Zone", "rsr": "", "update": "October 27, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2022-32860", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Wi-Fi", "rsr": "", "update": "June 6, 2023" }, { "available": [ "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "Matthias Keller (m-keller.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32861", "impact": "A user may be tracked through their IP address", "links": [ "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213345" ], "module": "WebKit", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Rohit Chatterjee of University of Illinois Urbana-Champaign", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-32862", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Sandbox", "rsr": "", "update": "May 11, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "credit": "P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1)", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-32863", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "WebKit", "rsr": "", "update": "September 16, 2022, updated March 16, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32864", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32865", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "DriverKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32866", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Kshitij Kumar and Jai Musunuri of Crowdstrike", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-32867", "impact": "A user with physical access to an iOS device may be able to read past diagnostic logs", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "242278", "credit": "Michael", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32868", "impact": "A website may be able to track users through Safari web extensions", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446" ], "module": "Safari Extensions", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32870", "impact": "A user with physical access to a device may be able to use Siri to obtain some call history information", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later" ], "credit": "Amit Prajapat of Payatu Security Consulting Private Limited", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32871", "impact": "A person with physical access to a device may be able to use Siri to access private calendar information", "links": [ "https://support.apple.com/en-us/HT213446" ], "module": "Siri", "rsr": "", "update": "March 16, 2023" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "Elite Tech Guru", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32872", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32875", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Weather", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32876", "impact": "A shortcut may be able to view the hidden photos album without authentication", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Shortcuts", "rsr": "", "update": "August 1, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2022-32877", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "Ubeydullah S\u00fcmer", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32879", "impact": "A user with physical access to a device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Notifications", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing, Mickey Jin (@patch1t) of Trend Micro, Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2022-32880", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32881", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32882", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213256", "https://support.apple.com/en-us/HT213257" ], "module": "Libinfo", "rsr": "", "update": "September 16, 2022" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Ron Masas of breakpointhq.com", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32883", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "241526", "credit": "P1umer(@p1umer) and Q1IQ(@q1iqF)", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-32885", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "241969", "credit": "P1umer (@p1umer), afang (@afang5472), xmzyshypnc (@xmzyshypnc1)", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2022-32886", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32887", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446" ], "module": "IOGPUFamily", "rsr": "", "update": "October 27, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "bugzilla": "242047", "credit": "P1umer (@p1umer)", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32888", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32889", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32890", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "243236", "credit": "@real_as3617 and an anonymous researcher", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2022-32891", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487" ], "module": "WebKit", "rsr": "", "update": "October 27, 2022" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "243181", "credit": "@18\u697c\u68a6\u60f3\u6539\u9020\u5bb6 and @jq0904 of DBAppSecurity's WeBin lab", "description": "An access issue was addressed with improvements to the sandbox.", "id": "CVE-2022-32892", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "WebKit Sandboxing", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "243557", "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32893", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213412", "https://support.apple.com/en-us/HT213413", "https://support.apple.com/en-us/HT213414", "https://support.apple.com/en-us/HT213428", "https://support.apple.com/en-us/HT213486" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32894", "impact": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213412", "https://support.apple.com/en-us/HT213413", "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213486" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2022-32895", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2022-32896", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444" ], "module": "iMovie", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2022-32897", "impact": "Processing a maliciously crafted tiff file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "ImageIO", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32898", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32899", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32900", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-32902", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-32903", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2022-32904", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Ron Masas (breakpoint.sh) of BreakPoint Technologies LTD", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2022-32905", "impact": "Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "David Coomber of Info-Sec.CA", "description": "This issue was addressed with using HTTPS when sending information over the network.", "id": "CVE-2022-32906", "impact": "A user in a privileged network position may intercept SSL/TLS connections", "links": [ "https://support.apple.com/en-us/HT213473" ], "module": "Apple Music on Android", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Yinyi Wu, ABC Research s.r.o, Natalie Silvanovich of Google Project Zero, Tommaso Bianco (@cutesmilee__), Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32907", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "AppleAVD", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-32908", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "MediaLibrary", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2022-32909", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213489" ], "module": "Apple TV", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Ferdous Saljooki (@malwarezoo) of Jamf Software", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-32910", "impact": "An archive may be able to bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/HT213343", "https://support.apple.com/en-us/HT213344", "https://support.apple.com/en-us/HT213345" ], "module": "Archive Utility", "rsr": "", "update": "October 4, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Zweig of Kunlun Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32911", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "242762", "credit": "Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-32912", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213442", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with additional restrictions on the observability of app states.", "id": "CVE-2022-32913", "impact": "A sandboxed app may be able to determine which app is currently using the camera", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Zweig of Kunlun Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-32914", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Tommy Muir (@Muirey03)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2022-32915", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "DriverKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later" ], "credit": "Pan ZhenPeng of STAR Labs SG Pte. Ltd.", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2022-32916", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213446" ], "module": "Kernel", "rsr": "", "update": "November 9, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32917", "impact": "An application may be able to execute arbitrary code with kernel privileges.", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Ashwani Rajput of Nagarro Software Pvt. Ltd, Srijan Shivam Mishra of The Hack Report, Jugal Goradia of Aastha Technologies, Evan Ricafort (evanricafort.com) of Invalid Web Security, Shesha Sai C (linkedin.com/in/shesha-sai-c-18585b125), and Amod Raghunath Patwardhan of Pune, India", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-32918", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "Photos", "rsr": "", "update": "March 16, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "247461", "credit": "@real_as3617", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2022-32919", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "WebKit", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "242781", "credit": "Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-32922", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit PDF", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "242964", "credit": "Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab", "description": "A correctness issue in the JIT was addressed with improved checks.", "id": "CVE-2022-32923", "impact": "Processing maliciously crafted web content may disclose internal states of the app", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Ian Beer of Google Project Zero", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32924", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-32925", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32926", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Dr Hideaki Goto of Tohoku University, Japan", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32927", "impact": "Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app", "links": [ "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Ji\u0159\u00ed Vinopal (@vinopaljiri) of Check Point Research", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-32928", "impact": "A user in a privileged network position may be able to intercept mail credentials", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213488" ], "module": "Exchange", "rsr": "", "update": "March 16, 2023" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2022-32929", "impact": "An app may be able to access iOS backups", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490" ], "module": "Backup", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-32931", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Sandbox", "rsr": "", "update": "March 16, 2023, updated December 21, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32932", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "bugzilla": "239547", "credit": "Binoy Chitale, MS student, Stony Brook University, Nick Nikiforakis, Associate Professor, Stony Brook University, Jason Polakis, Associate Professor, University of Illinois at Chicago, Mir Masood Ali, PhD student, University of Illinois at Chicago, Chris Kanich, Associate Professor, University of Illinois at Chicago, and Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2022-32933", "impact": "A website may be able to track the websites a user visited in Safari private browsing mode", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "WebKit", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Felix Poulin-Belanger", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32934", "impact": "A remote user may be able to cause kernel code execution", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Bistrit Dahal", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2022-32935", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Antonio Zekic (@antoniozekic)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-32936", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2022-32938", "impact": "A shortcut may be able to check the existence of an arbitrary path on the file system", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Willy R. Vasquez of The University of Texas at Austin", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32939", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "ABC Research s.r.o.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32940", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32941", "impact": "A buffer overflow may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32942", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "DriverKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Jiwon Park, Mieszko Wawrzyniak, and an anonymous researcher", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-32943", "impact": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "Photos", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-32944", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "An access issue was addressed with additional sandbox restrictions on third party apps.", "id": "CVE-2022-32945", "impact": "An app may be able to record audio with paired AirPods", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "Core Bluetooth", "rsr": "", "update": "December 22, 2022" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2022-32946", "impact": "An app may be able to record audio using a pair of connected AirPods", "links": [ "https://support.apple.com/en-us/HT213489" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Asahi Lina (@LinaAsahi)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-32947", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-32948", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Apple Neural Engine", "rsr": "", "update": "November 9, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Tingting Yin of Tsinghua University", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-32949", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213490" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Evgeny Legerov of Intevydis", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-3437", "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Heimdal", "rsr": "", "update": "October 25, 2022" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.85.0.", "id": "CVE-2022-35252", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213532" ], "module": "curl", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Evgeny Legerov", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-37434", "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.5 and later" ], "credit": "Cory Snider of Mirantis", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-39253", "impact": "Cloning a malicious repository may result in the disclosure of sensitive information", "links": [ "https://support.apple.com/en-us/HT213496" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.5 and later" ], "credit": "Kevin Backhouse of the GitHub Security Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-39260", "impact": "A remote user may cause an unexpected app termination or arbitrary code execution if git shell is allowed as a login shell", "links": [ "https://support.apple.com/en-us/HT213496" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Maddie Stone of Google Project Zero", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2022-40303", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213504", "https://support.apple.com/en-us/HT213505", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Ned Williamson and Nathan Wachholz of Google Project Zero", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-40304", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213504", "https://support.apple.com/en-us/HT213505", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security, Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)", "description": "A permissions issue existed. This issue was addressed with improved permission validation.", "id": "CVE-2022-42788", "impact": "A malicious application may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Koh M. Nakagawa of FFRI Security, Inc.", "description": "An issue in code signature validation was addressed with improved checks.", "id": "CVE-2022-42789", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Om kothawade of Zaprico Digital", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42790", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "Sidecar", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2022-42791", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-42792", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213489" ], "module": "Weather", "rsr": "", "update": "May 1, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "An issue in code signature validation was addressed with improved checks.", "id": "CVE-2022-42793", "impact": "An app may be able to bypass code signing checks", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213488" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "ryuzaki", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2022-42795", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Accelerate Framework", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2022-42796", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213445", "https://support.apple.com/en-us/HT213488" ], "module": "Audio", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Monterey 12.5 and later" ], "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2022-42797", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213496" ], "module": "IDE Xcode Server", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42798", "impact": "Parsing a maliciously crafted audio file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "243693", "credit": "Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2022-42799", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Evgeny Legerov", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-42800", "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Monterey" ], "credit": "Ian Beer of Google Project Zero", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-42801", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213494" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Monterey" ], "credit": "Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)", "description": "A race condition was addressed with improved locking.", "id": "CVE-2022-42803", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213494" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Monterey" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2022-42805", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "Apple Neural Engine", "rsr": "", "update": "November 9, 2022" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Tingting Yin of Tsinghua University", "description": "A race condition was addressed with improved locking.", "id": "CVE-2022-42806", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Ezekiel Elin", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42807", "impact": "A user may accidentally add a participant to a Shared Album by pressing the Delete key", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Photos", "rsr": "", "update": "May 1, 2023, updated August 1, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Zweig of Kunlun Lab", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-42808", "impact": "A remote user may be able to cause kernel code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Yutao Wang (@Jack) and Yu Zhou (@yuzhou6666)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42809", "impact": "Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Grapher", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42810", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213492" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Justin Bui (@slyd0g) of Snowflake", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2022-42811", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu)", "description": "A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation.", "id": "CVE-2022-42813", "impact": "Processing a maliciously crafted certificate may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Sergii Kryvoblotskyi of MacPaw Inc.", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-42814", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Directory Utility", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-42815", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42816", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Beta Access Utility", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42817", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490", "https://support.apple.com/en-us/HT213491" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Monterey" ], "credit": "Gustav Hansen from WithSecure", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-42818", "impact": "A user in a privileged network position may be able to track user activity", "links": [ "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-42819", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213488" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Peter Pan ZhenPeng of STAR Labs", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-42820", "impact": "An app may cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Jonathan Bar Or of Microsoft", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-42821", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "BOM", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Monterey" ], "bugzilla": "244622", "credit": "Dohyun Lee (@l33d0hyun) of SSD Labs", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2022-42823", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213494", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "245058", "credit": "Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42824", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2022-42825", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey" ], "bugzilla": "246669", "credit": "Francisco Alonso (@revskills)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-42826", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213495" ], "module": "WebKit", "rsr": "", "update": "December 22, 2022" }, { "available": [ "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2022-42827", "impact": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213490" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42828", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "ppp", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-42829", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42830", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with improved locking.", "id": "CVE-2022-42831", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with improved locking.", "id": "CVE-2022-42832", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Pan ZhenPeng (@Peterpan0927)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2022-42833", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "GPU Drivers", "rsr": "", "update": "December 22, 2022" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-42834", "impact": "An app may be able to access mail folder attachments through a temporary directory used during compression", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Mail", "rsr": "", "update": "May 1, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Weijia Dai (@dwj1210) of Momo Security", "description": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-42837", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "iTunes Store", "rsr": "", "update": "June 7, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Halle Winkler (@hallewinkler) of Politepix", "description": "An issue with app access to camera data was addressed with improved logic.", "id": "CVE-2022-42838", "impact": "A camera extension may be able to continue receiving video after the app which activated was closed", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "CoreMedia", "rsr": "", "update": "December 22, 2022" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2022-42839", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "Networking", "rsr": "", "update": "October 31, 2023, updated May 31, 2024" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42840", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "ppp", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Thijs Alkemade (@xnyhps) of Computest Sector 7", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2022-42841", "impact": "Processing a maliciously crafted package may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "xar", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42842", "impact": "A remote user may be able to cause kernel code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-42843", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42844", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213530" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Adam Doup\u00e9 of ASU SEFCOM", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42845", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Willy R. Vasquez of The University of Texas at Austin", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42846", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-42847", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213532" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "ABC Research s.r.o", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-42848", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213535" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "An access issue existed with privileged API calls. This issue was addressed with additional restrictions.", "id": "CVE-2022-42849", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Willy R. Vasquez of The University of Texas at Austin", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42850", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530" ], "module": "Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42851", "impact": "Parsing a maliciously crafted TIFF file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213535" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "246721", "credit": "hazbinhotel working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42852", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "December 22, 2022" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-42853", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533" ], "module": "Boot Camp", "rsr": "", "update": "May 11, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-42854", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42855", "impact": "An app may be able to use arbitrary entitlements", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Preferences", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "248266", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2022-42856", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.", "links": [ "https://support.apple.com/en-us/HT213516", "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2022-42857", "impact": "An app may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "System Preferences", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-42858", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213532" ], "module": "AMD", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Offensive Security", "description": "Multiple issues were addressed by removing the vulnerable code.", "id": "CVE-2022-42859", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213536" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2022-42860", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Boot Camp", "rsr": "", "update": "May 11, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-42861", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533" ], "module": "File System", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2022-42862", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "244622", "credit": "an anonymous researcher", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-42863", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Tommy Muir (@Muirey03)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2022-42864", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2022-42865", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "May 11, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2022-42866", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Weather", "rsr": "", "update": "August 16, 2024" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "245521", "credit": "Maddie Stone of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-42867", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam Doup\u00e9 of ASU SEFCOM", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2022-43454", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Kernel", "rsr": "", "update": "March 6, 2025" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Ian Beer of Google Project Zero", "description": "A race condition was addressed with additional validation.", "id": "CVE-2022-46689", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "John Aakerblom (@jaakerblom)", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-46690", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "245466", "credit": "an anonymous researcher", "description": "A memory consumption issue was addressed with improved memory handling.", "id": "CVE-2022-46691", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "Windows 10 and later via the Microsoft Store", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "246783", "credit": "KirtiKumar Anandrao Ramchandani", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-46692", "impact": "Processing maliciously crafted web content may bypass Same Origin Policy", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537", "https://support.apple.com/en-us/HT213538" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "Windows 10 and later via the Microsoft Store", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-46693", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213538" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Andrey Labunets and Nikita Tarakanov", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2022-46694", "impact": "Parsing a maliciously crafted video file may lead to kernel code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "KirtiKumar Anandrao Ramchandani", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-46695", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "246942", "credit": "Samuel Gro\u00df of Google V8 Security", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-46696", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "John Aakerblom (@jaakerblom) and Antonio Zekic (@antoniozekic)", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2022-46697", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213532" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "Windows 10 and later via the Microsoft Store", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "credit": "Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-46698", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537", "https://support.apple.com/en-us/HT213538" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "247420", "credit": "Samuel Gro\u00df of Google V8 Security", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-46699", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "247562", "credit": "Samuel Gro\u00df of Google V8 Security", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2022-46700", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Felix Poulin-Belanger", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-46701", "impact": "Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213443", "https://support.apple.com/en-us/HT213444", "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Xia0o0o0o of W4terDr0p, Sun Yat-sen University", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-46702", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213530" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing and Adam M.", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-46703", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213536" ], "module": "Weather", "rsr": "", "update": "May 11, 2023, updated May 31, 2024" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-46704", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "PackageKit", "rsr": "", "update": "December 22, 2022" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-46705", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536", "https://support.apple.com/en-us/HT213537" ], "module": "WebKit", "rsr": "", "update": "December 22, 2022, updated March 16, 2023" }, { "available": [ "macOS Big Sur", "macOS Catalina", "macOS Monterey" ], "credit": "Wang Yu of cyberserval, and Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2022-46706", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213183", "https://support.apple.com/en-us/HT213184", "https://support.apple.com/en-us/HT213185" ], "module": "Intel Graphics Driver", "rsr": "", "update": "June 8, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved restrictions around sensitive information.", "id": "CVE-2022-46707", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Maps", "rsr": "", "update": "August 1, 2023" }, { "available": [ "macOS Monterey" ], "credit": "an anonymous researcher", "description": "A brute force issue was addressed with improved state management.", "id": "CVE-2022-46708", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "Safari", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later" ], "credit": "Wang Yu of Cyberserval", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2022-46709", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213446", "https://support.apple.com/en-us/HT213486", "https://support.apple.com/en-us/HT213487", "https://support.apple.com/en-us/HT213488" ], "module": "Wi-Fi", "rsr": "", "update": "March 16, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "John Balestrieri of Tinrocket", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-46710", "impact": "Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "iCloud Photo Library", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 4 and later", "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "Tommy Muir (@Muirey03)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-46712", "impact": "An app may be able to cause unexpected system termination or potentially execute code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213489", "https://support.apple.com/en-us/HT213491", "https://support.apple.com/en-us/HT213492" ], "module": "Kernel", "rsr": "", "update": "May 1, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)", "macOS Big Sur", "macOS Monterey" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "A race condition was addressed with additional validation.", "id": "CVE-2022-46713", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488", "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "PackageKit", "rsr": "", "update": "February 20, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later" ], "credit": "IES Red Team of ByteDance", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-46715", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213489" ], "module": "NetworkExtension", "rsr": "", "update": "May 1, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-46716", "impact": "Private Relay functionality did not match system settings", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "Networking", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPadPro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Zitong Wu(\u5434\u6893\u6850) from Zhuhai No.1 Middle School(\u73e0\u6d77\u5e02\u7b2c\u4e00\u4e2d\u5b66)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-46717", "impact": "A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213536" ], "module": "Accessibility", "rsr": "", "update": "June 6, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Michael (Biscuit) Thomas", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2022-46718", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213531", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213533", "https://support.apple.com/en-us/HT213534" ], "module": "TCC", "rsr": "", "update": "May 11, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Yonghwi Jin (@jinmo123) of Theori", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2022-46720", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "dyld", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-46721", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-46722", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Assets", "rsr": "", "update": "August 1, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_) of SensorFu", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-46723", "impact": "A remote user may be able to write arbitrary files", "links": [ "https://support.apple.com/en-us/HT213493", "https://support.apple.com/en-us/HT213494" ], "module": "Calendar", "rsr": "", "update": "February 20, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "247289", "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-46725", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532" ], "module": "WebKit", "rsr": "", "update": "December 22, 2022, updated October 31, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-47915", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-47965", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD", "Apple Watch Series 3 and later", "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)", "macOS Big Sur and macOS Catalina", "macOS Monterey" ], "bugzilla": "241931", "credit": "Dongzhuo Zhao working with ADLab of Venustech, and ZhaoHai of Cyberpeace Tech Co., Ltd.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2022-48503", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213340", "https://support.apple.com/en-us/HT213341", "https://support.apple.com/en-us/HT213342", "https://support.apple.com/en-us/HT213345", "https://support.apple.com/en-us/HT213346" ], "module": "JavaScriptCore", "rsr": "", "update": "June 21, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2022-48504", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "Find My", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Adam Chester from TrustedSec and Thijs Alkemade (@xnyhps) of Computest Sector 7", "description": "This issue was addressed with improved data protection.", "id": "CVE-2022-48505", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "System Settings", "rsr": "", "update": "June 26, 2023" }, { "available": [ "macOS Monterey" ], "credit": "Paul Walker of Bury and Nathaniel Ekoniak of Ennate Technologies", "description": "A consistency issue was addressed with improved state handling.", "id": "CVE-2022-48575", "impact": "A person with access to a Mac may be able to bypass Login Window", "links": [ "https://support.apple.com/en-us/HT213257" ], "module": "Login Window", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-48577", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "APFS", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Monterey" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2022-48578", "impact": "Processing an AppleScript may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213345" ], "module": "AppleScript", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "This issue was addressed through improved state management.", "id": "CVE-2022-48610", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213536" ], "module": "Maps", "rsr": "", "update": "March 6, 2025" }, { "available": [ "Windows 10 and later" ], "credit": "Lockheed Martin Red Team", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2022-48611", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT213259" ], "module": "iTunes", "rsr": "", "update": "April 24, 2024" }, { "available": [ "Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Apple", "description": "The issue was addressed with improved checks.", "id": "CVE-2022-48618", "impact": "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.", "links": [ "https://support.apple.com/en-us/HT213530", "https://support.apple.com/en-us/HT213532", "https://support.apple.com/en-us/HT213535", "https://support.apple.com/en-us/HT213536" ], "module": "Kernel", "rsr": "", "update": "January 9, 2024" }, { "available": [ "Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)" ], "credit": "Thijs Alkemade of Computest Sector 7, Wojciech Regu\u0142a (@_r3ggi) of SecuRing, and Arsenii Kostromin", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2022-48683", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213488" ], "module": "CoreServices", "rsr": "", "update": "May 29, 2024" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)" ], "bugzilla": "245464", "credit": "ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming Wang, JiKai Ren and Hang Shu of Institute of Computing Technology, Chinese Academy of Sciences", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-23496", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213531" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" } ] ================================================ FILE: 2022/README.md ================================================ # Apple CVE 2022 * data source: https://support.apple.com/en-us/HT201222 * [2022.json](2022.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2022-22587 | IOMobileFrameBuffer | | 2 | CVE-2022-22620 | WebKit | | 3 | CVE-2022-22675 | AppleAVD | | 4 | CVE-2022-32893 | WebKit | | 5 | CVE-2022-32894 | Kernel | | 6 | CVE-2022-42827 | Kernel | | 7 | CVE-2022-42856 | WebKit | | 8 | CVE-2022-48618 | Kernel | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | Vim | 50 | | 2 | WebKit | 46 | | 3 | Kernel | 41 | | 4 | PackageKit | 15 | | 5 | ImageIO | 13 | | 6 | AppleScript | 13 | | 7 | Apple Neural Engine | 13 | | 8 | Wi-Fi | 12 | | 9 | Intel Graphics Driver | 11 | | 10 | AMD | 11 | | 11 | AVEVideoEncoder | 10 | | 12 | SMB | 10 | | 13 | curl | 8 | | 14 | otool | 8 | | 15 | AppleAVD | 8 | | 16 | GPU Drivers | 8 | | 17 | AppleMobileFileIntegrity | 7 | | 18 | ppp | 7 | | 19 | Sandbox | 6 | | 20 | Audio | 5 | | 21 | TCC | 5 | | 22 | apache | 5 | | 23 | Safari | 5 | | 24 | subversion | 4 | | 25 | IOMobileFrameBuffer | 4 | | 26 | FaceTime | 4 | | 27 | libxml2 | 4 | | 28 | Git | 4 | | 29 | Shortcuts | 4 | | 30 | libresolv | 4 | | 31 | DriverKit | 4 | | 32 | Weather | 4 | | 33 | zlib | 3 | | 34 | LaunchServices | 3 | | 35 | CoreMedia | 3 | | 36 | Siri | 3 | | 37 | iTunes | 3 | | 38 | Mail | 3 | | 39 | Ruby | 3 | | 40 | Calendar | 3 | | 41 | Apple Music on Android | 3 | | 42 | Software Update | 3 | | 43 | Maps | 3 | | 44 | ATS | 3 | | 45 | Photos | 3 | | 46 | Graphics Driver | 3 | | 47 | iTMSTransporter | 2 | | 48 | VoiceOver | 2 | | 49 | Graphics Drivers | 2 | | 50 | ncurses | 2 | | 51 | Crash Reporter | 2 | | 52 | Model I/O | 2 | | 53 | xar | 2 | | 54 | ColorSync | 2 | | 55 | WebKit Storage | 2 | | 56 | Preferences | 2 | | 57 | BOM | 2 | | 58 | AppleGraphicsControl | 2 | | 59 | Accelerate Framework | 2 | | 60 | SoftwareUpdate | 2 | | 61 | IOGPUFamily | 2 | | 62 | Login Window | 2 | | 63 | MIDI | 2 | | 64 | NetworkExtension | 2 | | 65 | System Preferences | 2 | | 66 | Notes | 2 | | 67 | WebRTC | 2 | | 68 | Contacts | 2 | | 69 | IOKit | 2 | | 70 | Spotlight | 2 | | 71 | CVMS | 2 | | 72 | Printing | 2 | | 73 | Security | 2 | | 74 | Bluetooth | 2 | | 75 | Safari Extensions | 2 | | 76 | APFS | 2 | | 77 | iCloud Photo Library | 2 | | 78 | Image Processing | 2 | | 79 | Core Bluetooth | 2 | | 80 | Find My | 2 | | 81 | IOHIDFamily | 2 | | 82 | Networking | 2 | | 83 | Boot Camp | 2 | | 84 | CoreServices | 2 | | 85 | SQLite | 1 | | 86 | libarchive | 1 | | 87 | zsh | 1 | | 88 | zip | 1 | | 89 | LibreSSL | 1 | | 90 | LLVM | 1 | | 91 | iCloud | 1 | | 92 | AMD Kernel | 1 | | 93 | HomeKit | 1 | | 94 | Phone | 1 | | 95 | UIKit | 1 | | 96 | Markup | 1 | | 97 | AppleEvents | 1 | | 98 | NSSpellChecker | 1 | | 99 | QuickTime Player | 1 | | 100 | Cellular | 1 | | 101 | LoginWindow | 1 | | 102 | CoreTypes | 1 | | 103 | AppKit | 1 | | 104 | MediaRemote | 1 | | 105 | MobileAccessoryUpdater | 1 | | 106 | CUPS | 1 | | 107 | Preview | 1 | | 108 | Terminal | 1 | | 109 | AuthKit | 1 | | 110 | Safari Private Browsing | 1 | | 111 | IDE | 1 | | 112 | Tcl | 1 | | 113 | IOSurfaceAccelerator | 1 | | 114 | Mobile Device Service | 1 | | 115 | Liblouis | 1 | | 116 | Photo Booth | 1 | | 117 | ICU | 1 | | 118 | Automation | 1 | | 119 | Spindump | 1 | | 120 | Multi-Touch | 1 | | 121 | File System Events | 1 | | 122 | Watch app | 1 | | 123 | PluginKit | 1 | | 124 | CoreText | 1 | | 125 | PS Normalizer | 1 | | 126 | Windows Server | 1 | | 127 | Home | 1 | | 128 | Time Zone | 1 | | 129 | Notifications | 1 | | 130 | Libinfo | 1 | | 131 | WebKit Sandboxing | 1 | | 132 | iMovie | 1 | | 133 | Finder | 1 | | 134 | MediaLibrary | 1 | | 135 | Apple TV | 1 | | 136 | Archive Utility | 1 | | 137 | WebKit PDF | 1 | | 138 | Exchange | 1 | | 139 | Backup | 1 | | 140 | Heimdal | 1 | | 141 | Sidecar | 1 | | 142 | IDE Xcode Server | 1 | | 143 | Grapher | 1 | | 144 | CFNetwork | 1 | | 145 | Directory Utility | 1 | | 146 | Beta Access Utility | 1 | | 147 | iTunes Store | 1 | | 148 | Accounts | 1 | | 149 | File System | 1 | | 150 | Accessibility | 1 | | 151 | dyld | 1 | | 152 | Assets | 1 | | 153 | JavaScriptCore | 1 | | 154 | System Settings | 1 | ================================================ FILE: 2023/2023.json ================================================ [ { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "249434", "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2014-1745", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213676" ], "module": "WebKit", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19185", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19186", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19187", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19188", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19189", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2020-19190", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "ncurses", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "241753", "credit": "", "description": "This issue was addressed with improved iframe sandbox enforcement.", "id": "CVE-2022-0108", "impact": "An HTML document may be able to render iframes with sensitive user information", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606", "https://support.apple.com/en-us/HT213638" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Big Sur" ], "credit": "an anonymous researcher, Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-26702", "impact": "An application may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213675" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.86.0.", "id": "CVE-2022-32221", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey" ], "credit": "Tommy Muir (@Muirey03)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2022-32915", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213604" ], "module": "DriverKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.5 and later" ], "credit": "hjy79425575", "description": "The issue was addressed with improved checks.", "id": "CVE-2022-32920", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/HT213883" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.85.0.", "id": "CVE-2022-35252", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.86.0.", "id": "CVE-2022-35260", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2022-3705", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213605" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "found by OSS-Fuzz", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2022-3970", "impact": "Processing a maliciously crafted image may lead to a denial of service", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "ImageIO", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2022-42834", "impact": "An app may be able to access mail folder attachments through a temporary directory used during compression", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604" ], "module": "Mail", "rsr": "", "update": "May 11, 2023" }, { "available": [ "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)" ], "bugzilla": "248266", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2022-42856", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.", "links": [ "https://support.apple.com/en-us/HT213597" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.86.0.", "id": "CVE-2022-42915", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 7.86.0.", "id": "CVE-2022-42916", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2022-43551", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2022-43552", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "bugzilla": "247287", "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-46705", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "WebKit", "rsr": "", "update": "May 1, 2023, updated December 21, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2022-46724", "impact": "A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "Magnifier", "rsr": "", "update": "August 1, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "bugzilla": "247289", "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", "id": "CVE-2022-46725", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "WebKit", "rsr": "", "update": "August 1, 2023, updated December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0049", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0051", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0054", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0288", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0433", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", "id": "CVE-2023-0512", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2023-1801", "impact": "An attacker in a privileged network position may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "tcpdump", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-1916", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Model I/O", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "", "description": "This issue was addressed by updating sudo.", "id": "CVE-2023-22809", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "sudo", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-23493", "impact": "An encrypted volume may be unmounted and remounted by a different user without prompting for the password", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Itay Iellin of General Motors Product Cyber Security, Etienne Charron and Khadim Dieng of Renault", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2023-23494", "impact": "A user in a privileged network position may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "CarPlay", "rsr": "", "update": "March 20, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-23495", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "245464", "credit": "ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming Wang, JiKai Ren, and Hang Shu of Institute of Computing Technology, Chinese Academy of Sciences", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-23496", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213600", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606", "https://support.apple.com/en-us/HT213638" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-23497", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Jose Lizandro Luevano", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-23498", "impact": "The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account", "links": [ "https://support.apple.com/en-us/HT213598", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Mail Exchange", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing (wojciechregula.blog)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2023-23499", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23500", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/HT213598", "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", "description": "The issue was addressed with improved memory handling", "id": "CVE-2023-23501", "impact": "An app may be able to disclose kernel memory.", "links": [ "https://support.apple.com/en-us/HT213605" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2023-23502", "impact": "An app may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-23503", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213598", "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Adam Doup\u00e9 of ASU SEFCOM", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23504", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213598", "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-23505", "impact": "An app may be able to access information about a user\u2019s contacts", "links": [ "https://support.apple.com/en-us/HT213598", "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Screen Time", "rsr": "", "update": "May 11, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2023-23506", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213605" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-23507", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23508", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "Windows Installer", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2023-23510", "impact": "An app may be able to access a user\u2019s Safari history", "links": [ "https://support.apple.com/en-us/HT213605" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23511", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Weather", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adriatik Raci", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-23512", "impact": "Visiting a website may lead to an app denial-of-service", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Dimitrios Tatsis and Aleksandar Nikolic of Cisco Talos", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-23513", "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2023-23514", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213633", "https://support.apple.com/en-us/HT213635", "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Jordy Zomer (@pwningsystems)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23516", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605" ], "module": "Kernel", "rsr": "", "update": "May 11, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Big Sur and macOS Monterey", "macOS Monterey", "macOS Ventura" ], "bugzilla": "248268", "credit": "YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), and Dohyun Lee (@l33d0hyun) of Team ApplePIE", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23517", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213600", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606", "https://support.apple.com/en-us/HT213638" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Big Sur and macOS Monterey", "macOS Monterey", "macOS Ventura" ], "bugzilla": "248268", "credit": "YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), and Dohyun Lee (@l33d0hyun) of Team ApplePIE", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23518", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213600", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606", "https://support.apple.com/en-us/HT213638" ], "module": "WebKit", "rsr": "", "update": "March 16, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab, Yi\u011fit Can YILMAZ (@yilmazcanyigit), and jzhu working with Trend Micro Zero Day Initiative", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2023-23519", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "ImageIO", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Cees Elzinga", "description": "A race condition was addressed with additional validation.", "id": "CVE-2023-23520", "impact": "A user may be able to read arbitrary files as root", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Crash Reporter", "rsr": "", "update": "June 7, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Wenchao Li and Xiaolong Bai of Alibaba Group", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-23522", "impact": "An app may be able to observe unprotected user data.", "links": [ "https://support.apple.com/en-us/HT213633" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "developStorm", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2023-23523", "impact": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Ventura" ], "credit": "David Benjamin of Google Chrome", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2023-23524", "impact": "Processing a maliciously crafted certificate may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213632", "https://support.apple.com/en-us/HT213633", "https://support.apple.com/en-us/HT213634", "https://support.apple.com/en-us/HT213635" ], "module": "Security", "rsr": "", "update": "February 20, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-23525", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Jubaer Alnazi of TRS Group of Companies", "description": "This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder.", "id": "CVE-2023-23526", "impact": "A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-23527", "impact": "A user may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Jianjun Dai and Guang Gong of 360 Vulnerability Research Institute", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2023-23528", "impact": "Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "251944", "credit": "an anonymous researcher", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-23529", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213633", "https://support.apple.com/en-us/HT213635", "https://support.apple.com/en-us/HT213638", "https://support.apple.com/en-us/HT213673" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Austin Emmitt (@alkalinesec), Senior Security Researcher at Trellix Advanced Research Center", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23530", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Foundation", "rsr": "", "update": "February 20, 2023, updated May 1, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Austin Emmitt (@alkalinesec), Senior Security Researcher at Trellix Advanced Research Center", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23531", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Foundation", "rsr": "", "update": "February 20, 2023, updated May 1, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mohamed Ghannam (@_simo36)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-23532", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213765" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Koh M. Nakagawa of FFRI Security, Inc., and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-23533", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-23534", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Carbon Core", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "ryuzaki", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23535", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "F\u00e9lix Poulin-B\u00e9langer and David Pan Ogea", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-23536", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Kernel", "rsr": "", "update": "May 1, 2023, updated December 21, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-23537", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Find My", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-23538", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Aleksandar Nikolic and Dimitrios Tatsis of Cisco Talos", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-23539", "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213605" ], "module": "dcerpc", "rsr": "", "update": "May 1, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-23540", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213842" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-23541", "impact": "An app may be able to access information about a user\u2019s contacts", "links": [ "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213676" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-23542", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "System Settings", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with additional restrictions on the observability of app states.", "id": "CVE-2023-23543", "impact": "A sandboxed app may be able to determine which app is currently using the camera", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Camera", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2023-2426", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Vim", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2023-2609", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Vim", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating Vim.", "id": "CVE-2023-2610", "impact": "Multiple issues in Vim", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Vim", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-27928", "impact": "An app may be able to access information about a user\u2019s contacts", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Identity Services", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab and jzhu working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27929", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "08Tc3wBB of Jamf", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-27930", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-27931", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213603", "https://support.apple.com/en-us/HT213604", "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "248615", "credit": "an anonymous researcher", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-27932", "impact": "Processing maliciously crafted web content may bypass Same Origin Policy", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "sqrtpwn", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27933", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A memory initialization issue was addressed.", "id": "CVE-2023-27934", "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "dcerpc", "rsr": "", "update": "June 8, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-27935", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Ventura" ], "credit": "Tingting Yin of Tsinghua University", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2023-27936", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675" ], "module": "CommCenter", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2023-27937", "impact": "Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.3 and later" ], "credit": "Mickey Jin (@patch1t) of Trend Micro", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2023-27938", "impact": "Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213650" ], "module": "GarageBand", "rsr": "", "update": "March 9, 2023" }, { "available": [ "macOS Ventura" ], "credit": "jzhu working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27939", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "ImageIO", "rsr": "", "update": "August 1, 2023, updated December 21, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2023-27940", "impact": "A sandboxed app may be able to observe system-wide network connections", "links": [ "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213765" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2023-27941", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-27942", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Podcasts", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "an anonymous researcher, Brandon Dalton (@partyD0lphin) of Red Canary, Milan Tenk, and Arthur Valiev of F-Secure Corporation", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-27943", "impact": "Files downloaded from the internet may not have the quarantine flag applied", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "LaunchServices", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2023-27944", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "XPC", "rsr": "", "update": "" }, { "available": [ "macOS Ventura 13.0 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2023-27945", "impact": "A sandboxed app may be able to collect system logs", "links": [ "https://support.apple.com/en-us/HT213679" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2023-27946", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27947", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "ImageIO", "rsr": "", "update": "August 1, 2023, updated December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27948", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "ImageIO", "rsr": "", "update": "August 1, 2023, updated December 21, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27949", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-27950", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673" ], "module": "Model I/O", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Brandon Dalton (@partyD0lphin) of Red Canary and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-27951", "impact": "An archive may be able to bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Archive Utility", "rsr": "", "update": "May 11, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A race condition was addressed with improved locking.", "id": "CVE-2023-27952", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27953", "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "250837", "credit": "an anonymous researcher", "description": "The issue was addressed by removing origin information.", "id": "CVE-2023-27954", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "JeongOhKyea", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-27955", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Ye Zhang of Baidu Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27956", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-27957", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27958", "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27959", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Monterey 12.3 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-27960", "impact": "An app may be able to gain elevated privileges during the installation of GarageBand", "links": [ "https://support.apple.com/en-us/HT213650" ], "module": "GarageBand", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "R\u0131za Sabuncu (@rizasabuncu)", "description": "Multiple validation issues were addressed with improved input sanitization.", "id": "CVE-2023-27961", "impact": "Importing a maliciously crafted calendar invitation may exfiltrate user information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-27962", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Jubaer Alnazi Jabin of TRS Group Of Companies, and Wenchao Li and Xiaolong Bai of Alibaba Group", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2023-27963", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max", "Powerbeats Pro, Beats Fit Pro" ], "credit": "Yun-hao Chung and Archie Pusaka of Google ChromeOS", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-27964", "impact": "When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.", "links": [ "https://support.apple.com/102783" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Ventura 13.3 and later" ], "credit": "Proteas of Pangu Lab", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2023-27965", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213672" ], "module": "Display", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Masahiro Kawada (@kawakatz) of GMO Cybersecurity by Ierae", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-27966", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "SharedFileList", "rsr": "", "update": "May 1, 2023, updated August 1, 2023" }, { "available": [ "macOS Ventura 13.0 and later" ], "credit": "Austin Emmitt, Senior Security Researcher at Trellix ARC", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-27967", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213679" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-27968", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam Doup\u00e9 of ASU SEFCOM", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2023-27969", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2023-27970", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2023-28178", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-28179", "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AppleScript", "rsr": "", "update": "August 1, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Aleksandar Nikolic of Cisco Talos", "description": "A denial-of-service issue was addressed with improved memory handling.", "id": "CVE-2023-28180", "impact": "A user in a privileged network position may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Tingting Yin of Tsinghua University", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-28181", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678", "https://support.apple.com/en-us/HT213765" ], "module": "CoreCapture", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Zhuowei Zhang", "description": "The issue was addressed with improved authentication.", "id": "CVE-2023-28182", "impact": "A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur" ], "credit": "Pan ZhenPeng of STAR Labs SG Pte. Ltd.", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2023-28185", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Kernel", "rsr": "", "update": "December 21, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-28187", "impact": "A user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Xin Huang (@11iaxH)", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2023-28188", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "TextKit", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-28189", "impact": "An app may be able to view sensitive information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Mail", "rsr": "", "update": "May 11, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Joshua Jones", "description": "A privacy issue was addressed by moving sensitive data to a more secure location.", "id": "CVE-2023-28190", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-28191", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2023-28192", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Anton Spivak", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-28194", "impact": "An app may be able to unexpectedly create a bookmark on the Home Screen", "links": [ "https://support.apple.com/en-us/HT213676" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-28195", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Find My", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Joshua Jones", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2023-28197", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Messages", "rsr": "", "update": "December 21, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "250429", "credit": "hazbinhotel working with Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-28198", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213676" ], "module": "WebKit", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", "id": "CVE-2023-28199", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "Kernel", "rsr": "", "update": "May 11, 2023, updated December 21, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2023-28200", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213843" ], "module": "Kernel", "rsr": "", "update": "September 6, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "credit": "Dohyun Lee (@l33d0hyun), crixer (@pwning_me) of SSD Labs", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-28201", "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676" ], "module": "WebKit Web Inspector", "rsr": "", "update": "May 1, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Satish Panduranga and an anonymous researcher", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-28202", "impact": "An app firewall setting may not take effect after exiting the Settings app", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Android version 5.0 and later" ], "credit": "ZiMing Zeng(@hluwa) of iJiami Technology Co. Ltd (ijiami.cn)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-28203", "impact": "An app may be able to access contacts", "links": [ "https://support.apple.com/en-us/HT213833" ], "module": "Apple Music on Android", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "254930", "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-28204", "impact": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213762", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "254797", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2023-28205", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213720", "https://support.apple.com/en-us/HT213721", "https://support.apple.com/en-us/HT213722", "https://support.apple.com/en-us/HT213723" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2023-28206", "impact": "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213720", "https://support.apple.com/en-us/HT213721", "https://support.apple.com/en-us/HT213723", "https://support.apple.com/en-us/HT213724", "https://support.apple.com/en-us/HT213725" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-28207", "impact": "A plug-in may be able to inherit app permissions and access user data", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "March 20, 2025" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "freshman", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-28208", "impact": "A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM", "links": [ "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "Messages", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28209", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28210", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28211", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28212", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28213", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28214", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-28215", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2023-28319", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2023-28320", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2023-28321", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating curl.", "id": "CVE-2023-28322", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-28826", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "MediaRemote", "rsr": "", "update": "March 7, 2024" }, { "available": [ "macOS 10.14.5 and later" ], "credit": "Koh M. Nakagawa (@tsunek0h)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-29166", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213882" ], "module": "Pro Video Formats", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "OSS-Fuzz, and Ned Williamson of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-29469", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758" ], "module": "libxml2", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Jonathan Bar Or of Microsoft, Emanuele Cozzi of Microsoft, and Michael Pearse of Microsoft", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2023-29491", "impact": "An app may cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "ncurses", "rsr": "", "update": "September 6, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Kirin (@Pwnrin) and Yishu Wang", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-29497", "impact": "An app may be able to access calendar data saved to a temporary directory", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Sandipan Roy", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-2953", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "OpenLDAP", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-30774", "impact": "Parsing a file may lead to an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "App Support", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "credit": "ycdxsb of VARAS@IIE", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-32351", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213763" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing (wojciechregula.blog)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-32352", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "credit": "Zeeshan Shaikh (@bugzzzhunter) \u2013 Synopsys Cybersecurity Research Center (CyRC)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-32353", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213763" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32354", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32355", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-32356", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Koh M. Nakagawa of FFRI Security, Inc., Kirin (@Pwnrin), Jeff Johnson (underpassapp.com), and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2023-32357", "impact": "An app may be able to retain access to system configuration files even after its permission is revoked", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "249169", "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-32358", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213676" ], "module": "WebKit PDF", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "bugzilla": "248717", "credit": "Claire Houston", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-32359", "impact": "A user's password may be read aloud by VoiceOver", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213981" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Gerhard Muth", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-32360", "impact": "An unauthenticated user may be able to access recently printed documents", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-32361", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "AuthKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Khiem Tran", "description": "Error handling was changed to not reveal sensitive information.", "id": "CVE-2023-32362", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Quick Look", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2023-32363", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Screen Saver", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2023-32364", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Jiwon Park", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32365", "impact": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213765" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2023-32366", "impact": "Processing a font file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "FontParser", "rsr": "", "update": "December 21, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2023-32367", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32368", "impact": "Processing a 3D model may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Jonathan Bar Or of Microsoft, Anurag Bohra of Microsoft, and Michael Pearse of Microsoft", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32369", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "250709", "credit": "Gertjan Franken of imec-DistriNet, KU Leuven", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2023-32370", "impact": "Content Security Policy to block domains with wildcards may fail", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213676" ], "module": "WebKit", "rsr": "", "update": "December 21, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32371", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758" ], "module": "Associated Domains", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32372", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "ImageIO", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "254840", "credit": "an anonymous researcher", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32373", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213762", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32375", "impact": "Processing a 3D model may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2023-32376", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-32377", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Ventura" ], "credit": "Murray Mike", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32378", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-32379", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "AMD", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2023-32380", "impact": "Processing a 3D model may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32381", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32382", "impact": "Processing a 3D model may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "This issue was addressed by forcing hardened runtime on the affected binaries at the system level.", "id": "CVE-2023-32383", "impact": "An app may be able to inject code into sensitive binaries bundled with Xcode", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitsmm working with Trend Micro Zero Day Initiative", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2023-32384", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Jonathan Fritz", "description": "A denial-of-service issue was addressed with improved memory handling.", "id": "CVE-2023-32385", "impact": "Opening a PDF file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758" ], "module": "PDFKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-32386", "impact": "An app may be able to observe unprotected user data", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Dimitrios Tatsis of Cisco Talos", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32387", "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "dcerpc", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-32388", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-32389", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Julian Szulc", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32390", "impact": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Wenchao Li and Xiaolong Bai of Alibaba Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32391", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-32392", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "GeoServices", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "248885", "credit": "Francisco Alonso (@revskills)", "description": "The issue was addressed with improved memory handling", "id": "CVE-2023-32393", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "WebKit", "rsr": "", "update": "June 28, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Khiem Tran", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32394", "impact": "A person with physical access to a device may be able to view contact information from the lock screen", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32395", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura 13.5 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-32396", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213939", "https://support.apple.com/en-us/HT213940" ], "module": "Dev Tools", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32397", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213765" ], "module": "Shell", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam Doup\u00e9 of ASU SEFCOM", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32398", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-32399", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Core Location", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-32400", "impact": "Entitlements and privacy permissions granted to this app may be used by a malicious app", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Holger Fuhrmannek of Deutsche Telekom Security GmbH on behalf of BSI (German Federal Office for Information Security)", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2023-32401", "impact": "Parsing an office document may lead to an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "Quick Look", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "255075", "credit": "Ignacio Sanmillan (@ulexec)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32402", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213762", "https://support.apple.com/en-us/HT213764" ], "module": "WebKit", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-32403", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "NetworkExtension", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com), and an anonymous researcher", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2023-32404", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-32405", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32407", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Metal", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-32408", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "TV App", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "255350", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-32409", "impact": "A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213762", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213842" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Ventura" ], "credit": "hou xuewei (@p1ay8y3ar) vmk msu", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32410", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213765" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2023-32411", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32412", "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2023-32413", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32414", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "DesktopServices", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Adam M.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-32415", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761" ], "module": "Weather", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2023-32416", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213848" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "macOS Ventura" ], "credit": "Zitong Wu (\u5434\u6893\u6850) from Zhuhai No.1 High School (\u73e0\u6d77\u5e02\u7b2c\u4e00\u4e2d\u5b66)", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2023-32417", "impact": "An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features", "links": [ "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213764" ], "module": "Face Gallery", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Bool of YunShangHuaAn(\u4e91\u4e0a\u534e\u5b89)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32418", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Grapher", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and iPhone X" ], "credit": "Amat Cama of Vigilant Labs", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-32419", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213757" ], "module": "Cellular", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "CertiK SkyFall Team and Linus Henze of Pinauten GmbH (pinauten.de)", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32420", "impact": "An app may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea, Ron Masas of BreakPoint Security Research, Brian McNulty, and Kishan Bagaria of Texts.com", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-32421", "impact": "An app may be able to observe unprotected user data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman), and Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed by adding additional SQLite logging restrictions.", "id": "CVE-2023-32422", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "SQLite", "rsr": "", "update": "September 8, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "254781", "credit": "Ignacio Sanmillan (@ulexec)", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-32423", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213762", "https://support.apple.com/en-us/HT213764" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Zechao Cai (@Zech4o) from Zhejiang University", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-32424", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-32425", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213765" ], "module": "Apple Neural Engine", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Junoh Lee at Theori", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-32426", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "Crash Reporter", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Android version 5.0 and later" ], "credit": "David Coomber of Info-Sec.CA", "description": "This issue was addressed by using HTTPS when sending information over the network.", "id": "CVE-2023-32427", "impact": "An attacker in a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/HT213833" ], "module": "Apple Music on Android", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "This issue was addressed with improved file handling.", "id": "CVE-2023-32428", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "MallocStackLogging", "rsr": "", "update": "September 5, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Wenchao Li and Xiaolong Bai of Hangzhou Orange Shield Information Technology Co., Ltd.", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-32429", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "SystemMigration", "rsr": "", "update": "" }, { "available": [ "Windows 10 and later" ], "bugzilla": "241430", "credit": "James Tsz Ko Yeung (@5cript1diot)", "description": "A dynamic library loading issue was addressed with improved path searching.", "id": "CVE-2023-32430", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213763" ], "module": "WebKit", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-32432", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Share Sheet", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Zweig of Kunlun Lab", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-32433", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple Watch Series 3, Series 4, Series 5, Series 6, Series 7, and SE", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), Boris Larin (@oct0xor), and Valentin Pashkov of Kaspersky", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2023-32434", "impact": "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.", "links": [ "https://support.apple.com/en-us/HT213808", "https://support.apple.com/en-us/HT213809", "https://support.apple.com/en-us/HT213810", "https://support.apple.com/en-us/HT213811", "https://support.apple.com/en-us/HT213812", "https://support.apple.com/en-us/HT213813", "https://support.apple.com/en-us/HT213814", "https://support.apple.com/en-us/HT213990" ], "module": "Kernel", "rsr": "", "update": "October 25, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "251890", "credit": "Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), Boris Larin (@oct0xor), and Valentin Pashkov of Kaspersky", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2023-32435", "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213671", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213811" ], "module": "WebKit", "rsr": "", "update": "August 1, 2023" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-32436", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "AMD", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Thijs Alkemade from Computest Sector 7", "description": "The issue was addressed with improvements to the file handling protocol.", "id": "CVE-2023-32437", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764", "https://support.apple.com/en-us/HT213841" ], "module": "NSURLSession", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security and Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2023-32438", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "September 5, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "bugzilla": "256567", "credit": "an anonymous researcher", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-32439", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213811", "https://support.apple.com/en-us/HT213813", "https://support.apple.com/en-us/HT213814", "https://support.apple.com/en-us/HT213816" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-32441", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2023-32442", "impact": "A shortcut may be able to modify sensitive Shortcuts app settings", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "David Hoyt of Hoyt LLC", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-32443", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2023-32444", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "NSSpellChecker", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "257299", "credit": "Johan Carlsson (joaxcar)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-32445", "impact": "Processing a document may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "July 27, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Matthew Loewen", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32654", "impact": "A user may be able to read information belonging to another user", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "Time Zone", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-32734", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Sei K.", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-34241", "impact": "A user in a privileged network position may be able to leak sensitive information", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "CUPS", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Sergii Kryvoblotskyi of MacPaw Inc.", "description": "A permissions issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-34352", "impact": "An attacker may be able to leak user account emails", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758", "https://support.apple.com/en-us/HT213761", "https://support.apple.com/en-us/HT213764" ], "module": "Accounts", "rsr": "", "update": "September 5, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-34425", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213848" ], "module": "Apple Neural Engine", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "239758", "credit": "Dong Jun Kim (@smlijun) and Jong Seong Kim (@nevul37) of AbyssLab, and zhunki", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-35074", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "April 7, 2025" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2023-35983", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "zer0k", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-35984", "impact": "An attacker in physical proximity can cause a limited out of bounds write", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adriatik Raci of Sentry Cybersecurity", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-35990", "impact": "An app may be able to identify what other apps a user has installed", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Kaitao Xie and Xiaolong Bai of Alibaba Group", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-35993", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-3618", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Model I/O", "rsr": "", "update": "March 22, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-36191", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "SQLite", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "\u9999\u519c\u7684\u4e09\u8e66\u5b50 of Pangu Lab", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2023-36495", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "July 27, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Bool of YunShangHuaAn(\u4e91\u4e0a\u534e\u5b89)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-36854", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Grapher", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2023-36862", "impact": "An app may be able to determine a user\u2019s current location", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2023-37285", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Kernel", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Serkan Erayabakan, David Kotval, Akincibor, Sina Ahmadi of George Mason University, and Billy Tabrizi", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2023-37448", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Power Management", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "259231", "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-37450", "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213826", "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "This issue was first addressed in Rapid Security Response iOS 16.5.1 (c) and iPadOS 16.5.1 (c).", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38039", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "curl", "rsr": "", "update": "January 22, 2024, updated February 13, 2024" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "256932", "credit": "YeongHyeon Choi (@hyeon101010)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38133", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38136", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213848" ], "module": "Apple Neural Engine", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38258", "impact": "Processing a 3D model may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Model I/O", "rsr": "", "update": "July 27, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2023-38259", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38261", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38403", "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "iperf3", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "baba yaga, an anonymous researcher", "description": "This issue was addressed by updating OpenSSH to 9.3p2", "id": "CVE-2023-38408", "impact": "A vulnerability was discovered in OpenSSHs remote forwarding", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "OpenSSH", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38410", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38421", "impact": "Processing a 3D model may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Model I/O", "rsr": "", "update": "July 27, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Certik Skyfall Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38424", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Certik Skyfall Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38425", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38545", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "curl", "rsr": "", "update": "January 22, 2024, updated February 13, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38546", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "curl", "rsr": "", "update": "January 22, 2024, updated February 13, 2024" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38564", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2023-38565", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2023-38571", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Music", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "256549", "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune - India", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38572", "impact": "A website may be able to bypass Same Origin Policy", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", "macOS Ventura" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38580", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213848" ], "module": "Apple Neural Engine", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2023-38586", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Image Capture", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Zweig of Kunlun Lab", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-38590", "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "257331", "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune - India, Valentino Dalla Valle, Pedro Bernardo, Marco Squarcina, and Lorenzo Veronese of TU Wien", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2023-38592", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Noah Roskin-Frazee", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-38593", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "256865", "credit": "Yuhao Hu", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38594", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "256573", "credit": "an anonymous researcher, Jiming Wang, and Jikai Ren", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38595", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Will Brattain at Trail of Bits", "description": "The issue was addressed with improved handling of protocols.", "id": "CVE-2023-38596", "impact": "An app may fail to enforce App Transport Security", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "258100", "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38597", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213847" ], "module": "WebKit Process Model", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-38598", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "257822", "credit": "Hritvik Taneja, Jason Kim, Jie Jeff Xu, Stephan van Schaik, Daniel Genkin, and Yuval Yarom", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-38599", "impact": "A website may be able to track sensitive user information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "257387", "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38600", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-38601", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Net-SNMP", "rsr": "", "update": "July 27, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-38602", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Zweig of Kunlun Lab", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38603", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2023-38604", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "July 27, 2023" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Adam M.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-38605", "impact": "An app may be able to determine a user\u2019s current location", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Weather", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-38606", "impact": "An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213848" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-38607", "impact": "An app may be able to modify Printer settings", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Printing", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), Kirin (@Pwnrin), and Yishu Wang", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2023-38608", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "Voice Memos", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Michael Cowell", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2023-38609", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "PackageKit", "rsr": "", "update": "July 27, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Wang Yu of Cyberserval", "description": "A memory corruption issue was addressed by removing the vulnerable code.", "id": "CVE-2023-38610", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Wi-Fi", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "258058", "credit": "Francisco Alonso (@revskills)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38611", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Chris Ross (Zoom)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-38612", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Ask to Buy", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Brian McNulty, Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-38614", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "TCC", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "ABC Research s.r.o.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-38615", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2023-38616", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "AMD", "rsr": "", "update": "September 6, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Luan Herrera (@lbherrera_)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-39233", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "249451", "credit": "Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) of PK Security", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-39434", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024, updated April 7, 2025" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2023-40383", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "libc", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adam M.", "description": "A permissions issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-40384", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Airport", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "257303", "credit": "Anonymous", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-40385", "impact": "A remote attacker may be able to view leaked DNS queries with Private Relay turned on", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-40386", "impact": "An app may be able to access Notes attachments", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2023-40388", "impact": "Safari may save photos to an unprotected location", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security and Joshua Jewett (@JoshJewett33)", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2023-40389", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "Transparency", "rsr": "", "update": "July 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security and Mickey Jin (@patch1t)", "description": "A privacy issue was addressed by moving sensitive data to a protected location.", "id": "CVE-2023-40390", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "Share Sheet", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura 13.5 and later" ], "credit": "Antonio Zekic (@antoniozekic) of Dataflow Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40391", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213939", "https://support.apple.com/en-us/HT213940" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40392", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "CFNetwork", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher, Berke K\u0131rba\u015f, and Harsh Jaiswal", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-40393", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Photos", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "The issue was addressed with improved validation of environment variables.", "id": "CVE-2023-40394", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213841" ], "module": "Logging", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-40395", "impact": "An app may be able to access contacts", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Certik Skyfall Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40396", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "IOUserEthernet", "rsr": "", "update": "July 16, 2024" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "257824", "credit": "Johan Carlsson (joaxcar)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40397", "impact": "A remote attacker may be able to cause arbitrary javascript code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "WebKit", "rsr": "", "update": "October 31, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-40398", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "CoreServices", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40399", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Sei K.", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-40400", "impact": "A remote user may cause an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "libpcap", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "an anonymous researcher and weize she", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2023-40401", "impact": "An attacker may be able to access passkeys without authentication", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213985" ], "module": "Passkeys", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40402", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Dohyun Lee (@l33d0hyun) of PK Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40403", "impact": "Processing web content may disclose sensitive information", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Certik Skyfall Team", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-40404", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Networking", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40405", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "macOS Monterey", "macOS Ventura" ], "credit": "JeongOhKyea of Theori", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40406", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213940" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Sei K.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-40407", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Grzegorz Riegel", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2023-40408", "impact": "Hide My Email may be deactivated unexpectedly", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988" ], "module": "Mail Drafts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40409", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Apple Neural Engine", "rsr": "", "update": "September 26, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-40410", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "This issue was addressed with improved data protection.", "id": "CVE-2023-40411", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "FileProvider", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40412", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Apple Neural Engine", "rsr": "", "update": "September 26, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Adam M.", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-40413", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213988" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "258992", "credit": "Francisco Alonso (@revskills)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-40414", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024, updated April 7, 2025" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "JZ", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40416", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune (India)", "description": "A window management issue was addressed with improved state management.", "id": "CVE-2023-40417", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "Safari", "rsr": "", "update": "January 2, 2024" }, { "available": [ "Apple Watch Ultra (all models)" ], "credit": "serkan Gurbuz", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-40418", "impact": "An Apple Watch Ultra may not lock when using the Depth app", "links": [ "https://support.apple.com/en-us/HT213937" ], "module": "Passcode", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40419", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Simulator", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40420", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40421", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "talagent", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Tomi Tokics (@tomitokics) of iTomsn0w", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40422", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "QuartzCore", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40423", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "IOTextEncryptionFamily", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Arsenii Kostromin (0x3c3e), Joshua Jewett (@JoshJewett33), and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40424", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "macOS Monterey" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40425", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213983" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40426", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-40427", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-40428", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Michael (Biscuit) Thomas and \u5f20\u5e08\u5085(@\u4eac\u4e1c\u84dd\u519b)", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2023-40429", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-40430", "impact": "An app may be able to access removable volumes without user consent", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Sandbox", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Certik Skyfall Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40431", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40432", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_ ) of SensorFu", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-40433", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213670" ], "module": "DesktopServices", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_ ) of SensorFu", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2023-40434", "impact": "An app may be able to access a user's Photos Library", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "iCloud Photo Library", "rsr": "", "update": "" }, { "available": [ "macOS Ventura 13.5 and later" ], "credit": "James Duffy (mangoSecure)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2023-40435", "impact": "An app may be able to access App Store credentials", "links": [ "https://support.apple.com/en-us/HT213939" ], "module": "iTMSTransporter", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Murray Mike", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-40436", "impact": "An attacker may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "IOAcceleratorFamily", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Kirin (@Pwnrin), and Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40437", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Find My", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "An issue was addressed with improved handling of temporary files.", "id": "CVE-2023-40438", "impact": "An app may be able to access edited photos saved to a temporary directory", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213940" ], "module": "Core Image", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40439", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843" ], "module": "Accounts", "rsr": "", "update": "October 31, 2023" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Taavi Eom\u00e4e from Zone Media O\u00dc", "description": "This issue was addressed with improved state management of S/MIME encrypted emails.", "id": "CVE-2023-40440", "impact": "A S/MIME encrypted email may be inadvertently sent unencrypted", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844" ], "module": "Mail", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Ron Masas of Imperva", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2023-40441", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey" ], "credit": "Nick Brook", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-40442", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Accessibility", "rsr": "", "update": "October 31, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40443", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Spotlight", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Sonoma" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40444", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Ting Ding, James Mancz, Omar Shibli, an anonymous researcher, Lorenzo Cavallaro, and Harry Lewandowski", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2023-40445", "impact": "A device may persistently fail to lock", "links": [ "https://support.apple.com/en-us/HT213982" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "inooo", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40446", "impact": "Processing maliciously crafted input may lead to arbitrary code execution in user-installed apps", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "libc", "rsr": "", "update": "November 3, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "259836", "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40447", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213986", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "w0wbox", "description": "The issue was addressed with improved handling of protocols.", "id": "CVE-2023-40448", "impact": "A remote attacker may be able to break out of Web Content sandbox", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Tomi Tokics (@tomitokics) of iTomsn0w", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-40449", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40450", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "System Preferences", "rsr": "", "update": "" }, { "available": [ "macOS Monterey and macOS Ventura" ], "bugzilla": "251276", "credit": "an anonymous researcher", "description": "This issue was addressed with improved iframe sandbox enforcement.", "id": "CVE-2023-40451", "impact": "An attacker with JavaScript execution may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-40452", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40454", "impact": "An app may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-40455", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "NetFSFramework", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40456", "impact": "An app may be able to access edited photos saved to a temporary directory", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-40520", "impact": "An app may be able to access edited photos saved to a temporary directory", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin) of NorthSea", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-40528", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Core Data", "rsr": "", "update": "January 22, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-40529", "impact": "A person with physical access to a device may be able to use VoiceOver to access private calendar information", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "Accessibility", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Noah Roskin-Frazee (ZeroClicks.ai Lab) and James Duffy (mangoSecure)", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2023-40541", "impact": "A shortcut may output sensitive user data without consent", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-41060", "impact": "A remote user may be able to cause kernel code execution", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later" ], "credit": "Apple", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2023-41061", "impact": "A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213905", "https://support.apple.com/en-us/HT213907" ], "module": "Wallet", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Certik Skyfall Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-41063", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Pro Res", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "The Citizen Lab at The University of Toronto\u02bcs Munk School", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2023-41064", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", "links": [ "https://support.apple.com/en-us/HT213905", "https://support.apple.com/en-us/HT213906", "https://support.apple.com/en-us/HT213913", "https://support.apple.com/en-us/HT213914", "https://support.apple.com/en-us/HT213915" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adam M., and Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-41065", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "bootp", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "An anonymous researcher, Jeremy Legendre of MacEnhance, and Felix Kratz", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-41066", "impact": "An app may be able to unexpectedly leak a user's credentials from secure text fields", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Windows Server", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Ferdous Saljooki (@malwarezoo) of Jamf Software and an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-41067", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2023-41068", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "MobileStorageMounter", "rsr": "", "update": "September 26, 2023" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, and iPad Pro 11-inch 1st generation and later" ], "credit": "Zhice Yang (ShanghaiTech University)", "description": "This issue was addressed by improving Face ID anti-spoofing models.", "id": "CVE-2023-41069", "impact": "A 3D model constructed to look like the enrolled user may authenticate via Face ID", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "Face ID", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-41070", "impact": "An app may be able to access sensitive data logged when a user shares a link", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Share Sheet", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-41071", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Apple Neural Engine", "rsr": "", "update": "September 26, 2023" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-41072", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2023-41073", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "256551", "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic and Jie Ding(@Lime) from HKUS3 Lab", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41074", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Ventura" ], "credit": "Zweig of Kunlun Lab", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2023-41075", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213673", "https://support.apple.com/en-us/HT213675", "https://support.apple.com/en-us/HT213676" ], "module": "libpthread", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-41076", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Windows Installer", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41077", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213985" ], "module": "Image Capture", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2023-41078", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Screen Sharing", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Ron Masas of BreakPoint.sh and an anonymous researcher", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2023-41079", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-41174", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 22, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Liang Wei of PixiePoint Security", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2023-41232", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213938" ], "module": "Biometric Authentication", "rsr": "", "update": "September 26, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-41254", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213988" ], "module": "Weather", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t) and James Hutchins", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2023-41968", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "F\u00e9lix Poulin-B\u00e9langer", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-41974", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "Kernel", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-41975", "impact": "A website may be able to access the microphone without the microphone use indicator being shown", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "259890", "credit": "\uc774\uc900\uc131(Junsung Lee)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-41976", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213986", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Alex Renda", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-41977", "impact": "Visiting a malicious website may reveal browsing history", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213984" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Koh M. Nakagawa (@tsunek0h)", "description": "A race condition was addressed with improved locking.", "id": "CVE-2023-41979", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "XProtectFramework", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-41980", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-41981", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Bistrit Dahal", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2023-41982", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988" ], "module": "Siri", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "260757", "credit": "\uc774\uc900\uc131(Junsung Lee)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-41983", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213986" ], "module": "WebKit Process Model", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-41984", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41986", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Music", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Kirin (@Pwnrin), and Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-41987", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Printing", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Bistrit Dahal", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2023-41988", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988" ], "module": "Siri", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Jewel Lambert", "description": "The issue was addressed by restricting options offered on a locked device.", "id": "CVE-2023-41989", "impact": "An attacker may be able to execute arbitrary code as root from the Lock Screen", "links": [ "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Emoji", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Apple, Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-41990", "impact": "Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.", "links": [ "https://support.apple.com/en-us/HT213599", "https://support.apple.com/en-us/HT213601", "https://support.apple.com/en-us/HT213605", "https://support.apple.com/en-us/HT213606", "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "FontParser", "rsr": "", "update": "September 8, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", "description": "A certificate validation issue was addressed.", "id": "CVE-2023-41991", "impact": "A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", "links": [ "https://support.apple.com/en-us/HT213926", "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213928", "https://support.apple.com/en-us/HT213929", "https://support.apple.com/en-us/HT213931" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41992", "impact": "A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", "links": [ "https://support.apple.com/en-us/HT213926", "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213928", "https://support.apple.com/en-us/HT213929", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Available for: Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later", "macOS Big Sur and Monterey", "macOS Ventura" ], "bugzilla": "261544", "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41993", "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", "links": [ "https://support.apple.com/en-us/HT213926", "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213930", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Halle Winkler, Politepix @hallewinkler", "description": "A logic issue was addressed with improved checks", "id": "CVE-2023-41994", "impact": "A camera extension may be able to access the camera view from apps other than the app for which it was granted permission", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "CoreMedia", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Certik Skyfall Team, and pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-41995", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t) and Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-41996", "impact": "Apps that fail verification checks may still launch", "links": [ "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213940" ], "module": "Sandbox", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Bistrit Dahal", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2023-41997", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988" ], "module": "Siri", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Rafay Baloch & Muhammad Samaak, and an anonymous researcher", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2023-42438", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "The issue was resolved by sanitizing logging", "id": "CVE-2023-42823", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "Core Recents", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42824", "impact": "A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.", "links": [ "https://support.apple.com/en-us/HT213961", "https://support.apple.com/en-us/HT213972" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42826", "impact": "Processing a file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Model I/O", "rsr": "", "update": "October 19, 2023" }, { "available": [ "macOS Ventura" ], "credit": "Erhad Husovic", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-42828", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213843" ], "module": "crontabs", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "The issue was addressed with additional restrictions on the observability of app states.", "id": "CVE-2023-42829", "impact": "An app may be able to access SSH passphrases", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "OpenSSH", "rsr": "", "update": "December 21, 2023" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42830", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213676" ], "module": "App Store", "rsr": "", "update": "October 31, 2023, updated July 16, 2024" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "James Duffy (mangoSecure)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-42831", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/HT213842", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Security", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Big Sur", "macOS Monterey", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2023-42832", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213844", "https://support.apple.com/en-us/HT213845" ], "module": "Software Update", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "258592", "credit": "Dong Jun Kim (@smlijun) and Jong Seong Kim (@nevul37) of AbyssLab", "description": "A correctness issue was addressed with improved checks.", "id": "CVE-2023-42833", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A privacy issue was addressed with improved handling of files.", "id": "CVE-2023-42834", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Find My", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42835", "impact": "An attacker may be able to access user data", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "RemoteViewServices", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42836", "impact": "An attacker may be able to access connected network volumes mounted in the home directory", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Sandbox", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "An access issue was addressed with improvements to the sandbox.", "id": "CVE-2023-42838", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "quarantine", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-42839", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "Sandbox", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Offensive Security", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42840", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Mingxuan Yang (@PPPF00L), happybabywu and Guang Gong of 360 Vulnerability Research Institute", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42841", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "Pro Res", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42842", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT214036" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "260046", "credit": "Kacper Kwapisz (@KKKas_)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2023-42843", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213986" ], "module": "WebKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Ron Masas of BreakPoint.SH", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2023-42844", "impact": "A website may be able to access sensitive user data when resolving symlinks", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Bistrit Dahal", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-42845", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984" ], "module": "Photos", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_co", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-42846", "impact": "A device may be passively tracked by its Wi-Fi MAC address", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42847", "impact": "An attacker may be able to access passkeys without authentication", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984" ], "module": "Passkeys", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "JZ", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-42848", "impact": "Processing a maliciously crafted image may lead to heap corruption", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "ImageIO", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42849", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213988" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7, Zhongquan Li (@Guluisacat), and Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2023-42850", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "LaunchServices", "rsr": "", "update": "May 29, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "260173", "credit": "Pedro Ribeiro (@pedrib1337) and Vitor Pedreira (@0xvhp_) of Agile Information Security", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42852", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213986", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "WebKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42853", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-42854", "impact": "An app may be able to cause a denial-of-service to Endpoint Security clients", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Sam Lakmaker", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-42855", "impact": "An attacker with physical access may be able to silently persist an Apple ID on an erased device", "links": [ "https://support.apple.com/en-us/HT213982" ], "module": "Setup Assistant", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42856", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42857", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42858", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "WindowServer", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e), Mickey Jin (@patch1t), and Hevel Engineering", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42859", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Koh M. Nakagawa (@tsunek0h) of FFRI Security, Inc.", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42860", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Jon Crain, \u51ef \u738b, Brandon Chesser & CPU IT, inc, Matthew McLean, Steven Maser, and the Avalon IT Team of Concentrix", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-42861", "impact": "An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Login Window", "rsr": "", "update": "May 29, 2024" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-42862", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "ImageIO", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "jzhu working with Trend Micro Zero Day Initiative and Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-42865", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT213670", "https://support.apple.com/en-us/HT213674", "https://support.apple.com/en-us/HT213676", "https://support.apple.com/en-us/HT213678" ], "module": "ImageIO", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Apple TV 4K (all models) and Apple TV HD", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Big Sur and macOS Monterey", "macOS Ventura" ], "bugzilla": "257684", "credit": "Francisco Alonso (@revskills) and Junsung Lee", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42866", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213846", "https://support.apple.com/en-us/HT213847", "https://support.apple.com/en-us/HT213848" ], "module": "WebKit", "rsr": "", "update": "December 21, 2023" }, { "available": [ "macOS Ventura and macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved validation of the process entitlement and Team ID.", "id": "CVE-2023-42867", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT214042" ], "module": "GarageBand", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "OSS-Fuzz, and Ned Williamson of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42869", "impact": "Multiple issues in libxml2", "links": [ "https://support.apple.com/en-us/HT213757", "https://support.apple.com/en-us/HT213758" ], "module": "libxml2", "rsr": "", "update": "December 21, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Zweig of Kunlun Lab", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-42870", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Kernel", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Mohamed GHANNAM (@_simo36)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42871", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Apple Neural Engine", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2023-42872", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mingxuan Yang (@PPPF00L), and happybabywu and Guang Gong of 360 Vulnerability Research Institute", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-42873", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213987" ], "module": "Pro Res", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Don Clarke", "description": "This issue was addressed with improved state management.", "id": "CVE-2023-42874", "impact": "Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "259606", "credit": "\uc774\uc900\uc131(Junsung Lee)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42875", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Koh M. Nakagawa (@tsunek0h)", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-42876", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "BOM", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42877", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin), Wojciech Regula of SecuRing (wojciechregula.blog), and Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42878", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213988" ], "module": "Share Sheet", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42881", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleVA", "rsr": "", "update": "December 12, 2023" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42882", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleVA", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "263349", "credit": "Zoom Offensive Security Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42883", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214039", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-42884", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Koh M. Nakagawa (@tsunek0h)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2023-42886", "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ron Masas of BreakPoint.sh", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2023-42887", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "NSOpenPanel", "rsr": "", "update": "January 22, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42888", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214041" ], "module": "ImageIO", "rsr": "", "update": "January 22, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42889", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985" ], "module": "PackageKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "259830", "credit": "Pwn2car", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42890", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214039", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-42891", "impact": "An app may be able to monitor keystrokes without user permission", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Anthony Cruz @App Tyrant Corp", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-42892", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "FileURL", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2023-42893", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "Libsystem", "rsr": "", "update": "March 22, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-42894", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "AppleEvents", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "An issue was addressed with improved handling of temporary files.", "id": "CVE-2023-42896", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Assets", "rsr": "", "update": "March 22, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42897", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT214035" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Zhenjiang Zhao of Pangu Team, Qianxin and Junsung Lee", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42898", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "ImageIO", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitSMM and Junsung Lee", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42899", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "ImageIO", "rsr": "", "update": "March 22, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42900", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42901", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero, and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42902", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42903", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42904", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42905", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42906", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42907", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42908", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42909", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42910", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42911", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42912", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mattie Behrens and Joshua Jewett (@JoshJewett33)", "description": "This issue was addressed through improved state management.", "id": "CVE-2023-42913", "impact": "Remote Login sessions may be able to obtain full disk access permissions", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "System Settings", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Eloi Benoist-Vanderbeken (@elvanderb) of Synacktiv (@Synacktiv)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42914", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "265041", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-42916", "impact": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", "links": [ "https://support.apple.com/en-us/HT214031", "https://support.apple.com/en-us/HT214032", "https://support.apple.com/en-us/HT214033", "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "265067", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2023-42917", "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", "links": [ "https://support.apple.com/en-us/HT214031", "https://support.apple.com/en-us/HT214032", "https://support.apple.com/en-us/HT214033", "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42918", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Model I/O", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42919", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214041" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-42922", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "ARJUN S D", "description": "This issue was addressed through improved state management.", "id": "CVE-2023-42923", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/HT214035" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42924", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214038" ], "module": "Archive Utility", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regu\u0142a (@_r3ggi) and Kirin (@Pwnrin)", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2023-42925", "impact": "An app may be able to access Notes attachments", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "AppSandbox", "rsr": "", "update": "July 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2023-42926", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2023-42928", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213982" ], "module": "FairPlay", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42929", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "AppSandbox", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-42930", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Shell", "rsr": "", "update": "March 22, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Yann GASCUEL of Alter Solutions", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42931", "impact": "A process may gain admin privileges without proper authentication", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "DiskArbitration", "rsr": "", "update": "March 22, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42932", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2023-42933", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Dev Tools", "rsr": "", "update": "December 22, 2023" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2023-42934", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Photos Storage", "rsr": "", "update": "December 22, 2023" }, { "available": [ "macOS Sonoma" ], "credit": "ASentientBot", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-42935", "impact": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "LoginWindow", "rsr": "", "update": "January 22, 2024, updated April 24, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of OffSec", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-42936", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "Sandbox", "rsr": "", "update": "March 22, 2024, updated July 16, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42937", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214041" ], "module": "Accessibility", "rsr": "", "update": "January 22, 2024" }, { "available": [ "Windows 10 and later" ], "credit": "Gee Sung", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42938", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/HT214091" ], "module": "Mobile Device Service", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal India", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42939", "impact": "A user's private browsing activity may be unexpectedly saved in the App Privacy Report", "links": [ "https://support.apple.com/en-us/HT213982" ], "module": "WebKit", "rsr": "", "update": "February 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Craig Hockenberry", "description": "A session rendering issue was addressed with improved session tracking.", "id": "CVE-2023-42940", "impact": "A user who shares their screen may unintentionally share the incorrect content", "links": [ "https://support.apple.com/en-us/HT214048" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Christopher Reynolds", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42941", "impact": "An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets", "links": [ "https://support.apple.com/en-us/HT214035" ], "module": "Bluetooth", "rsr": "", "update": "January 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2023-42942", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/HT213981", "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213985", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "libxpc", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42943", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Clock", "rsr": "", "update": "July 16, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42945", "impact": "An app may gain unauthorized access to Bluetooth", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Bluetooth", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-42946", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "Siri", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2023-42947", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "TCC", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Andrew Haggard", "description": "This issue was addressed through improved state management.", "id": "CVE-2023-42948", "impact": "A Wi-Fi password may not be deleted when activating a Mac in macOS Recovery", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "System Settings", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2023-42949", "impact": "An app may be able to access edited photos saved to a temporary directory", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Photos", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "263682", "credit": "Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute and rushikesh nandedkar", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2023-42950", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214039", "https://support.apple.com/en-us/HT214040", "https://support.apple.com/en-us/HT214041" ], "module": "WebKit", "rsr": "", "update": "March 22, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adis Alic", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-42951", "impact": "A user may be unable to delete browsing history items", "links": [ "https://support.apple.com/en-us/HT213982" ], "module": "Safari", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42952", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213983", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT214038" ], "module": "Automation", "rsr": "", "update": "February 16, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Michael (Biscuit) Thomas - @biscuit@social.lol", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42953", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/HT213982", "https://support.apple.com/en-us/HT213984", "https://support.apple.com/en-us/HT213987", "https://support.apple.com/en-us/HT213988" ], "module": "Game Center", "rsr": "", "update": "February 16, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "263989", "credit": "SungKwon Lee (Demon.Team)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-42956", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214039" ], "module": "WebKit", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adam M., and Ron Masas of BreakPoint Security Research", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42957", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Maps", "rsr": "", "update": "July 16, 2024" }, { "available": [ "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2023-42958", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/HT213758" ], "module": "MobileStorageMounter", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Murray Mike", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2023-42959", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Graphics Drivers", "rsr": "", "update": "July 16, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2023-42961", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Intents", "rsr": "", "update": "April 7, 2025" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Aymane Chabat", "description": "This issue was addressed with improved checks", "id": "CVE-2023-42962", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035" ], "module": "CallKit", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2023-42969", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213927", "https://support.apple.com/en-us/HT213931", "https://support.apple.com/en-us/HT213932", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Apple Neural Engine", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "259583", "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-42970", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213936", "https://support.apple.com/en-us/HT213937", "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940", "https://support.apple.com/en-us/HT213941" ], "module": "WebKit", "rsr": "", "update": "January 2, 2024, updated April 7, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Kenneth Chew", "description": "The issue was addressed with improved UI.", "id": "CVE-2023-42973", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/HT213938" ], "module": "Safari Private Browsing", "rsr": "", "update": "April 7, 2025" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2023-42974", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/HT214034", "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "IOUSBDeviceFamily", "rsr": "", "update": "March 22, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2023-42977", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/HT213938", "https://support.apple.com/en-us/HT213940" ], "module": "Power Services", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42981", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Model I/O", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42982", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Model I/O", "rsr": "", "update": "April 7, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42983", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/HT213940" ], "module": "Model I/O", "rsr": "", "update": "April 7, 2025" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "bugzilla": "255951", "credit": "Apple", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-43000", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/HT213841", "https://support.apple.com/en-us/HT213843", "https://support.apple.com/en-us/HT213847" ], "module": "WebKit", "rsr": "", "update": "November 11, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Marc Newlin of SkySafe", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-45866", "impact": "An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard", "links": [ "https://support.apple.com/en-us/HT214035", "https://support.apple.com/en-us/HT214036" ], "module": "Bluetooth", "rsr": "", "update": "December 11, 2023" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4733", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4734", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4735", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4736", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4738", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4750", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4751", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4752", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-4781", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/HT213984" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "bugzilla": "262365", "credit": "", "description": "The issue was addressed by updating to libvpx 1.13.1.", "id": "CVE-2023-5217", "impact": "A buffer overflow may result in arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT213961", "https://support.apple.com/en-us/HT213972" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed by updating to Vim version 9.0.1969.", "id": "CVE-2023-5344", "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/HT214036", "https://support.apple.com/en-us/HT214037", "https://support.apple.com/en-us/HT214038" ], "module": "Vim", "rsr": "", "update": "" } ] ================================================ FILE: 2023/README.md ================================================ # Apple CVE 2023 * data source: https://support.apple.com/en-us/HT201222 * [2023.json](2023.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2022-42856 | WebKit | | 2 | CVE-2023-23529 | WebKit | | 3 | CVE-2023-28204 | WebKit | | 4 | CVE-2023-28205 | WebKit | | 5 | CVE-2023-28206 | IOSurfaceAccelerator | | 6 | CVE-2023-32373 | WebKit | | 7 | CVE-2023-32409 | WebKit | | 8 | CVE-2023-32434 | Kernel | | 9 | CVE-2023-32435 | WebKit | | 10 | CVE-2023-32439 | WebKit | | 11 | CVE-2023-37450 | WebKit | | 12 | CVE-2023-38606 | Kernel | | 13 | CVE-2023-41061 | Wallet | | 14 | CVE-2023-41064 | ImageIO | | 15 | CVE-2023-41990 | FontParser | | 16 | CVE-2023-41991 | Security | | 17 | CVE-2023-41992 | Kernel | | 18 | CVE-2023-41993 | WebKit | | 19 | CVE-2023-42824 | Kernel | | 20 | CVE-2023-42916 | WebKit | | 21 | CVE-2023-42917 | WebKit | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 57 | | 2 | Kernel | 46 | | 3 | Vim | 20 | | 4 | ImageIO | 19 | | 5 | Apple Neural Engine | 17 | | 6 | Model I/O | 16 | | 7 | curl | 14 | | 8 | PackageKit | 14 | | 9 | AMD | 14 | | 10 | AppleGraphicsControl | 13 | | 11 | Safari | 11 | | 12 | Sandbox | 10 | | 13 | AppleMobileFileIntegrity | 9 | | 14 | libxpc | 8 | | 15 | dcerpc | 8 | | 16 | ncurses | 7 | | 17 | Shortcuts | 7 | | 18 | Find My | 7 | | 19 | Accessibility | 7 | | 20 | Bluetooth | 7 | | 21 | Siri | 7 | | 22 | Photos | 6 | | 23 | LaunchServices | 5 | | 24 | System Settings | 5 | | 25 | Maps | 4 | | 26 | Weather | 4 | | 27 | Security | 4 | | 28 | Foundation | 4 | | 29 | Dev Tools | 4 | | 30 | AppSandbox | 4 | | 31 | Share Sheet | 4 | | 32 | TCC | 4 | | 33 | Mail | 3 | | 34 | Wi-Fi | 3 | | 35 | GarageBand | 3 | | 36 | FontParser | 3 | | 37 | CoreServices | 3 | | 38 | Messages | 3 | | 39 | IOSurfaceAccelerator | 3 | | 40 | CUPS | 3 | | 41 | Contacts | 3 | | 42 | Accounts | 3 | | 43 | GPU Drivers | 3 | | 44 | FileProvider | 3 | | 45 | Photos Storage | 3 | | 46 | Pro Res | 3 | | 47 | WindowServer | 3 | | 48 | DiskArbitration | 2 | | 49 | iCloud | 2 | | 50 | Windows Installer | 2 | | 51 | Crash Reporter | 2 | | 52 | Archive Utility | 2 | | 53 | ColorSync | 2 | | 54 | Calendar | 2 | | 55 | SharedFileList | 2 | | 56 | NetworkExtension | 2 | | 57 | WebKit Web Inspector | 2 | | 58 | Apple Music on Android | 2 | | 59 | libxml2 | 2 | | 60 | iTunes | 2 | | 61 | Quick Look | 2 | | 62 | StorageKit | 2 | | 63 | IOAcceleratorFamily | 2 | | 64 | Shell | 2 | | 65 | DesktopServices | 2 | | 66 | Grapher | 2 | | 67 | SQLite | 2 | | 68 | Assets | 2 | | 69 | OpenSSH | 2 | | 70 | Music | 2 | | 71 | Image Capture | 2 | | 72 | CFNetwork | 2 | | 73 | WebKit Process Model | 2 | | 74 | Printing | 2 | | 75 | libc | 2 | | 76 | Game Center | 2 | | 77 | Passkeys | 2 | | 78 | CoreAnimation | 2 | | 79 | App Store | 2 | | 80 | MobileStorageMounter | 2 | | 81 | AppleVA | 2 | | 82 | Safari Private Browsing | 2 | | 83 | AppleAVD | 1 | | 84 | DriverKit | 1 | | 85 | otool | 1 | | 86 | Magnifier | 1 | | 87 | tcpdump | 1 | | 88 | sudo | 1 | | 89 | CarPlay | 1 | | 90 | Mail Exchange | 1 | | 91 | Screen Time | 1 | | 92 | Intel Graphics Driver | 1 | | 93 | Core Bluetooth | 1 | | 94 | Carbon Core | 1 | | 95 | Camera | 1 | | 96 | Identity Services | 1 | | 97 | CommCenter | 1 | | 98 | Podcasts | 1 | | 99 | XPC | 1 | | 100 | Display | 1 | | 101 | AppleScript | 1 | | 102 | CoreCapture | 1 | | 103 | TextKit | 1 | | 104 | FaceTime | 1 | | 105 | MediaRemote | 1 | | 106 | Pro Video Formats | 1 | | 107 | OpenLDAP | 1 | | 108 | App Support | 1 | | 109 | WebKit PDF | 1 | | 110 | AuthKit | 1 | | 111 | Screen Saver | 1 | | 112 | Associated Domains | 1 | | 113 | PDFKit | 1 | | 114 | GeoServices | 1 | | 115 | Perl | 1 | | 116 | Core Location | 1 | | 117 | Metal | 1 | | 118 | TV App | 1 | | 119 | IOSurface | 1 | | 120 | Telephony | 1 | | 121 | Face Gallery | 1 | | 122 | Cellular | 1 | | 123 | MallocStackLogging | 1 | | 124 | SystemMigration | 1 | | 125 | NSURLSession | 1 | | 126 | sips | 1 | | 127 | NSSpellChecker | 1 | | 128 | Time Zone | 1 | | 129 | Power Management | 1 | | 130 | iperf3 | 1 | | 131 | Net-SNMP | 1 | | 132 | Voice Memos | 1 | | 133 | Ask to Buy | 1 | | 134 | Airport | 1 | | 135 | Notes | 1 | | 136 | Transparency | 1 | | 137 | Logging | 1 | | 138 | IOUserEthernet | 1 | | 139 | libpcap | 1 | | 140 | libxslt | 1 | | 141 | Networking | 1 | | 142 | Mail Drafts | 1 | | 143 | Passcode | 1 | | 144 | Simulator | 1 | | 145 | talagent | 1 | | 146 | QuartzCore | 1 | | 147 | IOTextEncryptionFamily | 1 | | 148 | iCloud Photo Library | 1 | | 149 | iTMSTransporter | 1 | | 150 | Core Image | 1 | | 151 | Spotlight | 1 | | 152 | Status Bar | 1 | | 153 | System Preferences | 1 | | 154 | NetFSFramework | 1 | | 155 | Core Data | 1 | | 156 | Wallet | 1 | | 157 | bootp | 1 | | 158 | Windows Server | 1 | | 159 | Face ID | 1 | | 160 | libpthread | 1 | | 161 | Screen Sharing | 1 | | 162 | Biometric Authentication | 1 | | 163 | XProtectFramework | 1 | | 164 | Emoji | 1 | | 165 | CoreMedia | 1 | | 166 | Core Recents | 1 | | 167 | crontabs | 1 | | 168 | Software Update | 1 | | 169 | RemoteViewServices | 1 | | 170 | quarantine | 1 | | 171 | mDNSResponder | 1 | | 172 | Setup Assistant | 1 | | 173 | Login Window | 1 | | 174 | BOM | 1 | | 175 | AVEVideoEncoder | 1 | | 176 | NSOpenPanel | 1 | | 177 | IOKit | 1 | | 178 | FileURL | 1 | | 179 | Libsystem | 1 | | 180 | AppleEvents | 1 | | 181 | CoreMedia Playback | 1 | | 182 | FairPlay | 1 | | 183 | LoginWindow | 1 | | 184 | Mobile Device Service | 1 | | 185 | Clock | 1 | | 186 | Automation | 1 | | 187 | Graphics Drivers | 1 | | 188 | Intents | 1 | | 189 | CallKit | 1 | | 190 | IOUSBDeviceFamily | 1 | | 191 | Power Services | 1 | | 192 | WebRTC | 1 | ================================================ FILE: 2024/2024.json ================================================ [ { "available": [ "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2016-1246", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Perl", "rsr": "", "update": "August 28, 2025" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2022-42816", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "This issue was addressed with improved checks.", "id": "CVE-2022-48554", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", "description": "A race condition was addressed with improved locking.", "id": "CVE-2023-27952", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/120911" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Ventura" ], "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2023-28826", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-31484", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Perl", "rsr": "", "update": "August 28, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-31486", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Perl", "rsr": "", "update": "August 28, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-32395", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38039", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307" ], "module": "curl", "rsr": "", "update": "February 13, 2024" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38545", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307" ], "module": "curl", "rsr": "", "update": "February 13, 2024" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "", "description": "Multiple issues were addressed by updating to curl version 8.4.0.", "id": "CVE-2023-38546", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307" ], "module": "curl", "rsr": "", "update": "February 13, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Yeto", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-38709", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/120911" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Offensive Security and Joshua Jewett (@JoshJewett33)", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2023-40389", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886" ], "module": "Transparency", "rsr": "", "update": "May 31, 2024" }, { "available": [ "macOS Ventura" ], "credit": "Kirin (@Pwnrin) of NorthSea", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2023-40528", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120307" ], "module": "Core Data", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2023-42853", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "an anonymous researcher, \u51ef \u738b, Steven Maser, Matthew McLean, Brandon Chesser, CPU IT, inc, and Avalon IT Team of Concentrix", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2023-42861", "impact": "An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac", "links": [ "https://support.apple.com/en-us/120900" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "Ron Masas of BreakPoint.sh", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2023-42887", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/120307" ], "module": "NSOpenPanel", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2023-42888", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120310" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2023-42893", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Libsystem", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" ], "bugzilla": "265041", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2023-42916", "impact": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", "links": [ "https://support.apple.com/en-us/120308" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" ], "bugzilla": "265067", "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2023-42917", "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", "links": [ "https://support.apple.com/en-us/120308" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Ventura" ], "credit": "ASentientBot", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2023-42935", "impact": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen", "links": [ "https://support.apple.com/en-us/120307" ], "module": "LoginWindow", "rsr": "", "update": "April 24, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Ventura" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2023-42937", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120310" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-4504", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-47100", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Perl", "rsr": "", "update": "August 28, 2025" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenSSH 9.6.", "id": "CVE-2023-48795", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/120895" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenSSH 9.6.", "id": "CVE-2023-51384", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/120895" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "Multiple issues were addressed by updating to OpenSSH 9.6.", "id": "CVE-2023-51385", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/120895" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-52356", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-5841", "impact": "Processing a maliciously crafted image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-6277", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Magic Keyboard; Magic Keyboard (2021); Magic Keyboard with Numeric Keypad; Magic Keyboard with Touch ID; and Magic Keyboard with Touch ID and Numeric Keypad" ], "credit": "Marc Newlin of SkySafe", "description": "A session management issue was addressed with improved checks.", "id": "CVE-2024-0230", "impact": "An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic", "links": [ "https://support.apple.com/en-us/120303" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "ali yabuz", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-0258", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma", "macOS Ventura" ], "credit": "Nick Galloway of Google Project Zero", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-1580", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120312", "https://support.apple.com/en-us/120888", "https://support.apple.com/en-us/120889", "https://support.apple.com/en-us/120890", "https://support.apple.com/en-us/120891", "https://support.apple.com/en-us/120892" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-2004", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Koh M. Nakagawa of FFRI Security, Inc., an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-23201", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2024-23203", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120886" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Jubaer Alnazi (@h33tjubaer)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2024-23204", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23205", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "ExtensionKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "262699", "credit": "an anonymous researcher", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2024-23206", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120339" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), and Ian de Marcellus", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-23207", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120309" ], "module": "Mail Search", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "fmyy(@binary_fmyy) and lime From TIANGONG Team of Legendsec at QI-ANXIN Group", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23208", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23209", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120309" ], "module": "LLVM", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-23210", "impact": "An app may be able to view a user's phone number in system logs", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311" ], "module": "Time Zone", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "credit": "Mark Bowers", "description": "A privacy issue was addressed with improved handling of user preferences.", "id": "CVE-2024-23211", "impact": "A user's private browsing activity may be visible in Settings", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120339" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Ye Zhang of Baidu Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23212", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120311" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "266619", "credit": "Wangtaiyu of Zhongfu info", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23213", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120339" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "bugzilla": "265129", "credit": "Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute", "description": "Multiple memory corruption issues were addressed with improved memory handling.", "id": "CVE-2024-23214", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "An issue was addressed with improved handling of temporary files.", "id": "CVE-2024-23215", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-23216", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2024-23217", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120886" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Clemens Lang", "description": "A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions.", "id": "CVE-2024-23218", "impact": "An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886" ], "module": "CoreCrypto", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later" ], "credit": "Peter Watthey and Christian Scalese", "description": "The issue was addressed with improved authentication.", "id": "CVE-2024-23219", "impact": "Stolen Device Protection may be unexpectedly disabled", "links": [ "https://support.apple.com/en-us/120304" ], "module": "Reset Services", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2024-23220", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Monterey and macOS Ventura", "macOS Sonoma", "macOS Ventura" ], "bugzilla": "267134", "credit": "", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2024-23222", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.", "links": [ "https://support.apple.com/en-us/118479", "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120339" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", "description": "A privacy issue was addressed with improved handling of files.", "id": "CVE-2024-23223", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311" ], "module": "NSSpellChecker", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Brian McNulty", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23224", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120309" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2024-23225", "impact": "An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "bugzilla": "259694", "credit": "Pwn2car", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23226", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "March 7, 2024, updated February 5, 2025" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Brian McNulty", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-23227", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Airport", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Harsh Tyagi", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-23228", "impact": "Locked Notes content may have been unexpectedly unlocked", "links": [ "https://support.apple.com/en-us/120304" ], "module": "Notes", "rsr": "", "update": "April 24, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Joshua Jewett (@JoshJewett33)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-23229", "impact": "A malicious application may be able to access Find My data", "links": [ "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895", "https://support.apple.com/en-us/120899" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved file handling.", "id": "CVE-2024-23230", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and luckyu (@uuulucky)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23231", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Share Sheet", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2024-23232", "impact": "An app may be able to capture a user's screen", "links": [ "https://support.apple.com/en-us/120895" ], "module": "Screen Capture", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-23233", "impact": "Entitlements and privacy permissions granted to this app may be used by a malicious app", "links": [ "https://support.apple.com/en-us/120895" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Murray Mike", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-23234", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "A race condition was addressed with additional validation.", "id": "CVE-2024-23235", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ron Masas of Imperva", "description": "A correctness issue was addressed with improved checks.", "id": "CVE-2024-23236", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/120903" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Charly Suchanek", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23237", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2024-23238", "impact": "An app may be able to edit NVRAM variables", "links": [ "https://support.apple.com/en-us/120895" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2024-23239", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Harsh Tyagi", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23240", "impact": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication", "links": [ "https://support.apple.com/en-us/120893" ], "module": "Photos", "rsr": "", "update": "March 7, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-23241", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "A privacy issue was addressed by not logging contents of text fields.", "id": "CVE-2024-23242", "impact": "An app may be able to view Mail data", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Synapse", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23243", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/120893" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of OffSec", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-23244", "impact": "An app from a standard user account may be able to escalate privilege after admin user login", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120895" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2024-23245", "impact": "Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Deutsche Telekom Security GmbH sponsored by Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-23246", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "m4yfly with TianGong Team of Legendsec at Qi'anxin Group", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23247", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "m4yfly with TianGong Team of Legendsec at Qi'anxin Group", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23248", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/120895" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "m4yfly with TianGong Team of Legendsec at Qi'anxin Group", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23249", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/120895" ], "module": "ColorSync", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2024-23250", "impact": "An app may be able to access Bluetooth-connected microphones without user permission", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "CoreBluetooth - LE", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Gil Pedersen", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-23251", "impact": "An attacker with physical access may be able to leak Mail account credentials", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Mail", "rsr": "", "update": "June 10, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-23253", "impact": "An app may be able to access a user's Photos Library", "links": [ "https://support.apple.com/en-us/120895" ], "module": "Image Capture", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "263795", "credit": "James Lee (@Windowsrcer)", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2024-23254", "impact": "A malicious website may exfiltrate audio data cross-origin", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Harsh Tyagi", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-23255", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Om Kothawade", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-23256", "impact": "A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled", "links": [ "https://support.apple.com/en-us/120893" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23257", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "macOS Sonoma" ], "credit": "Zhenjiang Zhao of pangu team, Qianxin, and Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-23258", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120895" ], "module": "ImageIO", "rsr": "", "update": "May 29, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Lyra Rebane (rebane2001)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23259", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Joshua Jewett (@JoshJewett33)", "description": "This issue was addressed by removing additional entitlements.", "id": "CVE-2024-23260", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "TV App", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Matthew Loewen", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-23261", "impact": "An attacker may be able to read information belonging to another user", "links": [ "https://support.apple.com/en-us/120895", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120912" ], "module": "Time Zone", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2024-23262", "impact": "An app may be able to spoof system notifications and UI", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "264811", "credit": "Johan Carlsson (joaxcar)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2024-23263", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Meysam Firouzi @R00tkitsmm working with Trend Micro Zero Day Initiative", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2024-23264", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Metal", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Xinru Chi of Pangu Lab", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2024-23265", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23266", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Kerberos v5 PAM module", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23267", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2024-23268", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2024-23269", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-23270", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Image Processing", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "265812", "credit": "James Lee (@Windowsrcer)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-23271", "impact": "A malicious website may cause unexpected cross-origin behavior", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120306", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120311", "https://support.apple.com/en-us/120339" ], "module": "WebKit", "rsr": "", "update": "April 24, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-23272", "impact": "An attacker may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Storage Services", "rsr": "", "update": "May 13, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "credit": "Matej Rabzelj", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-23273", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2024-23274", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2024-23275", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-23276", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Marc Newlin of SkySafe", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23277", "impact": "An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23278", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23279", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "266703", "credit": "an anonymous researcher", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2024-23280", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Joshua Jewett (@JoshJewett33)", "description": "This issue was addressed with improved state management.", "id": "CVE-2024-23281", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Dohyun Lee (@l33d0hyun)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23282", "impact": "A maliciously crafted email may be able to initiate FaceTime calls without user authorization", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Mail", "rsr": "", "update": "June 10, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23283", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "267241", "credit": "Georg Felber and Marco Squarcina", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-23284", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "@08Tc3wBB of Jamf", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2024-23285", "impact": "An app may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/120895" ], "module": "Music", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative, Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations, Dohyun Lee (@l33d0hyun), and Lyutoon and Mr.R", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2024-23286", "impact": "Processing an image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "ImageIO", "rsr": "", "update": "May 29, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2024-23287", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Kirin (@Pwnrin)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-23288", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Lewis Hardy", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2024-23289", "impact": "A person with physical access to a device may be able to use Siri to access private calendar information", "links": [ "https://support.apple.com/en-us/120880", "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-23290", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-23291", "impact": "A malicious app may be able to observe user data in log entries related to accessibility notifications", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "K\u5b9d and LFY@secsys from Fudan University", "description": "This issue was addressed with improved data protection.", "id": "CVE-2024-23292", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Bistrit Dahal", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-23293", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-23294", "impact": "Processing malicious input may lead to code execution", "links": [ "https://support.apple.com/en-us/120895" ], "module": "QuartzCore", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro" ], "credit": "Patrick Reardon", "description": "A permissions issue was addressed to help ensure Personas are always protected", "id": "CVE-2024-23295", "impact": "An unauthenticated user may be able to use an unprotected Persona", "links": [ "https://support.apple.com/en-us/120883" ], "module": "Persona", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2024-23296", "impact": "An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120910" ], "module": "RTKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "scj643", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23297", "impact": "A malicious application may be able to access private information", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120893" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma 14 and later" ], "credit": "Jacopo Carloni", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-23298", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/120887" ], "module": "Xcode", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-23299", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/120884", "https://support.apple.com/en-us/120886", "https://support.apple.com/en-us/120895" ], "module": "Disk Images", "rsr": "", "update": "May 29, 2024" }, { "available": [ "macOS Ventura and macOS Sonoma" ], "credit": "Marc Schoenefeld, Dr. rer. nat.", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2024-23300", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120885" ], "module": "GarageBand", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-2379", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-2398", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-2466", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Yeto", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-24795", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/120911" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Yeto", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-27316", "impact": "Multiple issues in apache", "links": [ "https://support.apple.com/en-us/120911" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-27789", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27791", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/120304", "https://support.apple.com/en-us/120305", "https://support.apple.com/en-us/120307", "https://support.apple.com/en-us/120309", "https://support.apple.com/en-us/120310", "https://support.apple.com/en-us/120311" ], "module": "Power Manager", "rsr": "", "update": "April 24, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2024-27792", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "TCC", "rsr": "", "update": "May 29, 2024" }, { "available": [ "Windows 10 and later" ], "credit": "Willy R. Vasquez of The University of Texas at Austin", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27793", "impact": "Parsing a file may lead to an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120897" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Halle Winkler, Politepix @hallewinkler", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-27795", "impact": "A camera extension may be able to access the internet", "links": [ "https://support.apple.com/en-us/121238" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "ajajfxhj", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27796", "impact": "An attacker may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Yann GASCUEL of Alter Solutions", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2024-27798", "impact": "An attacker may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2024-27799", "impact": "An unprivileged app may be able to log keystrokes in other apps including those using secure input mode", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "IOHIDFamily", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Daniel Zajork and Joshua Zajork", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-27800", "impact": "Processing a maliciously crafted message may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27801", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Meysam Firouzi (@R00tkitsmm) working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-27802", "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Metal", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2024-27803", "impact": "An attacker with physical access may be able to share items from the lock screen", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Screenshots", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Meysam Firouzi (@R00tkitSMM)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27804", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120915" ], "module": "AppleAVD", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and \u5c0f\u6765\u6765 (@Smi1eSEC)", "description": "An issue was addressed with improved validation of environment variables.", "id": "CVE-2024-27805", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Core Data", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This issue was addressed with improved environment sanitization.", "id": "CVE-2024-27806", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Spotlight", "rsr": "", "update": "June 10, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Romy R.", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27807", "impact": "An app may be able to circumvent App Privacy Report logging", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120905" ], "module": "Symptom Framework", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "268221", "credit": "Lukas Bernhard of CISPA Helmholtz Center for Information Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27808", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-27809", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "Music", "rsr": "", "update": "July 29, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "LFY@secsys of Fudan University", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-27810", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Nick Wellnhofer", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27811", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "libiconv", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro" ], "credit": "Ryan Pickren (ryanpickren.com)", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-27812", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "June 20, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27813", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/120903" ], "module": "PrintCenter", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later" ], "credit": "Dalibor Milanovic", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-27814", "impact": "A person with physical access to a device may be able to view contact information from the lock screen", "links": [ "https://support.apple.com/en-us/120902" ], "module": "Phone", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher, and Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-27815", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-27816", "impact": "An attacker may be able to access user data", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27817", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27818", "impact": "An attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Srijan Poudel", "description": "The issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-27819", "impact": "An attacker with physical access may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Siri", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "270139", "credit": "Jeff Johnson of underpassapp.com", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27820", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji, Kirin (@Pwnrin), LFY@secsys, \u5c0f\u6765\u6765 (@Smi1eSEC), yulige, Snoolie Keffaber (@0xilis), and Robert Reichel", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-27821", "impact": "A shortcut may output sensitive user data without consent", "links": [ "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Shortcuts", "rsr": "", "update": "January 15, 2025" }, { "available": [ "macOS Sonoma" ], "credit": "Scott Johnson, Mykola Grymalyuk of RIPEDA Consulting, Jordy Witteman, and Carlos Polop", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-27822", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/120903" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Prof. Benny Pinkas of Bar-Ilan University, Prof. Amit Klein of Hebrew University, and EP", "description": "A race condition was addressed with improved locking.", "id": "CVE-2024-27823", "impact": "An attacker in a privileged network position may be able to spoof network packets", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120915" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-27824", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Kirin (@Pwnrin)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2024-27825", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/120903" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 9 and Apple Watch Ultra 2", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Minghao Lin, and Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27826", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120915" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher and Mickey Jin (@patch1t)", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-27827", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "Finder", "rsr": "", "update": "May 16, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27828", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations, Pwn2car working with Trend Micro's Zero Day Initiative, and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27829", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120903" ], "module": "AppleVA", "rsr": "", "update": "July 29, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "271159", "credit": "Joe Rutkowski (@Joe12387) of Crawless and @abrahamjuliot", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-27830", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit Canvas", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-27831", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27832", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura" ], "bugzilla": "271491", "credit": "Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2024-27833", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "272750", "credit": "Manfred Paul (@_manfp) working with Trend Micro's Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27834", "impact": "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Andr.Ess", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-27835", "impact": "An attacker with physical access to an iOS device may be able to access notes from the lock screen", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27836", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t) and ajajfxhj", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-27837", "impact": "A local attacker may gain access to Keychain items", "links": [ "https://support.apple.com/en-us/120903" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "262337", "credit": "Emilio Cobos of Mozilla", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2024-27838", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Alexander Heinrich, SEEMOO, TU Darmstadt (@Sn0wfreeze), and Shai Mishali (@freak4pc)", "description": "A privacy issue was addressed by moving sensitive data to a more secure location.", "id": "CVE-2024-27839", "impact": "A malicious application may be able to determine a user's current location", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27840", "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27841", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "AVEVideoEncoder", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27842", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120903" ], "module": "udf", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-27843", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "credit": "Narendra Bhati of Suma Soft Pvt. Ltd in Pune (India), Shaheen Fazim", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27844", "impact": "A website's permission dialog may persist after navigation away from the site", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120906" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Adam Berry", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2024-27845", "impact": "An app may be able to access Notes attachments", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Notes", "rsr": "", "update": "June 10, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks", "id": "CVE-2024-27847", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Sync Services", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2024-27848", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "StorageKit", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Kirin (@Pwnrin), Rodolphe Brunetti (@eisw0lf)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-27849", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Core Data", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "270767", "credit": "an anonymous researcher", "description": "This issue was addressed with improvements to the noise injection algorithm.", "id": "CVE-2024-27850", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "272106", "credit": "Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-27851", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later" ], "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co)", "description": "A privacy issue was addressed with improved client ID handling for alternative app marketplaces.", "id": "CVE-2024-27852", "impact": "A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages", "links": [ "https://support.apple.com/en-us/120905" ], "module": "MarketplaceKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "koocola", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-27853", "impact": "A maliciously crafted ZIP archive may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/120895" ], "module": "libarchive", "rsr": "", "update": "July 29, 2024" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27855", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905" ], "module": "Shortcuts", "rsr": "", "update": "June 10, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "268765", "credit": "Maksymilian Motyl of Immunity Systems, Junsung Lee working with Trend Micro Zero Day Initiative, and ajajfxhj", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27856", "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120896", "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "WebKit", "rsr": "", "update": "January 15, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-27857", "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Metal", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea, Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-27858", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Music", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "bugzilla": "263001", "credit": "Pwn2car", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27859", "impact": "Processing web content may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "March 7, 2024, updated February 5, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27860", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/121238" ], "module": "AppleVA", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27861", "impact": "An application may be able to read restricted memory", "links": [ "https://support.apple.com/en-us/121238" ], "module": "AppleVA", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Jiwon Park", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-27862", "impact": "Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled", "links": [ "https://support.apple.com/en-us/120911" ], "module": "Setup Assistant", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "An information disclosure issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-27863", "impact": "A local attacker may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro" ], "credit": "Jonas Dre\u00dfler", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-27867", "impact": "When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones", "links": [ "https://support.apple.com/en-us/120907" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-27869", "impact": "An app may be able to record the screen without an indicator", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "Control Center", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji, and Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-27871", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-27872", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/120911" ], "module": "Security Initialization", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-27873", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Tuan D. Hoang", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-27874", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Cellular", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-27875", "impact": "Privacy Indicators for microphone or camera access may be attributed incorrectly", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Control Center", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Snoolie Keffaber (@0xilis)", "description": "A race condition was addressed with improved locking.", "id": "CVE-2024-27876", "impact": "Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Compression", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-27877", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "AppleVA", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2024-27878", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120911" ], "module": "ASP TCP", "rsr": "", "update": "November 13, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Justin Cohen", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-27879", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121250" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Junsung Lee", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2024-27880", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-27881", "impact": "An app may be able to access information about a user\u2019s contacts", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Scripting Bridge", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-27882", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-27883", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with a new entitlement.", "id": "CVE-2024-27884", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "Transparency", "rsr": "", "update": "July 29, 2024" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-27885", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120903" ], "module": "PackageKit", "rsr": "", "update": "June 10, 2024" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Stephan Casas, an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-27886", "impact": "An unprivileged app may be able to log keystrokes in other apps including those using secure input mode", "links": [ "https://support.apple.com/en-us/120895", "https://support.apple.com/en-us/121234" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-27887", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120895" ], "module": "NSSpellChecker", "rsr": "", "update": "July 29, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2024-27888", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120895" ], "module": "PackageKit", "rsr": "", "update": "July 29, 2024" }, { "available": [ "macOS Sonoma 14.5 and later" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-32002", "impact": "Cloning a maliciously crafted repository may result in remote code execution", "links": [ "https://support.apple.com/en-us/121239" ], "module": "Git", "rsr": "", "update": "October 28, 2024" }, { "available": [ "" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-38476", "impact": "Multiple issues existed in Apache", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-38477", "impact": "Multiple issues existed in Apache", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-39573", "impact": "Multiple issues existed in Apache", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Apache", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-39894", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/121238" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40770", "impact": "A non-privileged user may be able to modify restricted network settings", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-40771", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120898", "https://support.apple.com/en-us/120899", "https://support.apple.com/en-us/120900", "https://support.apple.com/en-us/120901", "https://support.apple.com/en-us/120902", "https://support.apple.com/en-us/120903", "https://support.apple.com/en-us/120905", "https://support.apple.com/en-us/120906" ], "module": "AVEVideoEncoder", "rsr": "", "update": "January 15, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-40774", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120916" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-40775", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "273176", "credit": "Huang Xilin of Ant Group Light-Year Security Lab", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2024-40776", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative, and Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter Adversary Operations", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-40777", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Mateen Alinaghi", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-40778", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "275431", "credit": "Huang Xilin of Ant Group Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2024-40779", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "275273", "credit": "Huang Xilin of Ant Group Light-Year Security Lab", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2024-40780", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40781", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "268770", "credit": "Maksymilian Motyl", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2024-40782", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2024-40783", "impact": "A malicious application may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative, Gandalf4a", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2024-40784", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "273805", "credit": "Johan Carlsson (joaxcar)", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-40785", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Bistrit Dahal", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40786", "impact": "An attacker may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120912" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2024-40787", "impact": "A shortcut may be able to bypass Internet permission requirements", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Minghao Lin and Jiaxun Zhu from Zhejiang University", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2024-40788", "impact": "A local attacker may be able to cause unexpected system shutdown", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "credit": "Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-40789", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro" ], "credit": "Max Thomas", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2024-40790", "impact": "An app may be able to read sensitive data from the GPU memory", "links": [ "https://support.apple.com/en-us/121249" ], "module": "Presence", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-40791", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121250" ], "module": "Mail Accounts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40792", "impact": "A malicious app may be able to change network settings", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Airport", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-40793", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "275272", "credit": "Matthew Butler", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40794", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved data protection.", "id": "CVE-2024-40795", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120916" ], "module": "Family Sharing", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-40796", "impact": "Private browsing may leak some browsing history", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Rifa'i Rejal Maynando", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40797", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Adam M.", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-40798", "impact": "An app may be able to read Safari's browsing history", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "D4m0n", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2024-40799", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "An input validation issue was addressed with improved input validation.", "id": "CVE-2024-40800", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Restore Framework", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat), Pedro Jos\u00e9 Pereira Vieito (@pvieito), an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40801", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Security Initialization", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40802", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Patrick Wardle of DoubleYou & the Objective-See Foundation", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2024-40803", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Keychain Access", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "IES Red Team of ByteDance", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40804", "impact": "A malicious application may be able to access private information", "links": [ "https://support.apple.com/en-us/120911" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40805", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120916" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Yisumi", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2024-40806", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40807", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40809", "impact": "A shortcut may be able to bypass Internet permission requirements", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-40810", "impact": "An app may be able to cause a coprocessor crash", "links": [ "https://support.apple.com/en-us/120911" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "October 15, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40811", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/120911" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40812", "impact": "A shortcut may be able to bypass Internet permission requirements", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Jacob Braun", "description": "A lock screen issue was addressed with improved state management.", "id": "CVE-2024-40813", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120916" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-40814", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/121234" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "w0wbox", "description": "A race condition was addressed with additional validation.", "id": "CVE-2024-40815", "impact": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120916" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "sqrtpwn", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-40816", "impact": "A local attacker may be able to cause unexpected system shutdown", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Monterey and macOS Ventura", "macOS Sonoma", "macOS Ventura" ], "credit": "Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India)", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2024-40817", "impact": "Visiting a website that frames malicious content may lead to UI spoofing", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120913" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Bistrit Dahal and Srijan Poudel", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-40818", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120916" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Joshua Jones", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2024-40821", "impact": "Third party app extensions may not receive the correct sandbox restrictions", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Srijan Poudel", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-40822", "impact": "An attacker with physical access to a device may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120916" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40823", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), and Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40824", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120916" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40825", "impact": "A malicious app with root privileges may be able to modify the contents of system files", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121249" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed with improved handling of files.", "id": "CVE-2024-40826", "impact": "An unencrypted document may be written to a temporary file when using print preview", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40827", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "DesktopServices", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40828", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Ventura" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40829", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120916" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Chloe Surett", "description": "This issue was addressed with improved data protection.", "id": "CVE-2024-40830", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40831", "impact": "An app may be able to access a user's Photos Library", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Image Capture", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Rodolphe BRUNETTI (@eisw0lf)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40832", "impact": "An app may be able to view a contact's phone number in system logs", "links": [ "https://support.apple.com/en-us/120911" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40833", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Marcio Almeida from Tanto Security", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2024-40834", "impact": "A shortcut may be able to bypass sensitive Shortcuts app settings", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40835", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 4 and later", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40836", "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120916" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Kirin (@Pwnrin)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40837", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Brian McNulty, Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania, Vaibhav Prajapati", "description": "A privacy issue was addressed by moving sensitive data to a protected location.", "id": "CVE-2024-40838", "impact": "A malicious app may be able to access notifications from the user's device", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40839", "impact": "An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Status Bar", "rsr": "", "update": "January 15, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40840", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2024-40841", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleVA", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "An issue was addressed with improved validation of environment variables.", "id": "CVE-2024-40842", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "XProtect", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Koh M. Nakagawa (@tsunek0h)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40843", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121238" ], "module": "XProtect", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSea", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2024-40844", "impact": "An app may be able to observe data displayed to the user by Shortcuts", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Pwn2car working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-40845", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-40846", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-40847", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2024-40848", "impact": "An attacker may be able to read sensitive information", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2024-40849", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121564" ], "module": "LaunchServices", "rsr": "", "update": "December 11, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A file access issue was addressed with improved input validation.", "id": "CVE-2024-40850", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Srijan Poudel", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-40851", "impact": "An attacker with physical access may be able to access contact photos from the lock screen", "links": [ "https://support.apple.com/en-us/121563" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-40852", "impact": "An attacker may be able to see recent photos without authentication in Assistive Access", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Chi Yuan Chang of ZUSO ART and taikosoup", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-40853", "impact": "An attacker may be able to use Siri to enable Auto-Answer Calls", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Siri", "rsr": "", "update": "October 28, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wang Yu of Cyberserval", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2024-40854", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "GPU Drivers", "rsr": "", "update": "January 15, 2025" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40855", "impact": "A sandboxed app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Preet Dsouza (Fleming College, Computer Security & Investigations Program), Domien Schepers", "description": "An integrity issue was addressed with Beacon Protection.", "id": "CVE-2024-40856", "impact": "An attacker may be able to force a device to disconnect from a secure network", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121250" ], "module": "Wi-Fi", "rsr": "", "update": "March 3, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "268724", "credit": "Ron Masas", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-40857", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40858", "impact": "An app may be able to access Contacts without user consent", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-40859", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "TV App", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-40860", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-40861", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma 14.5 and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2024-40862", "impact": "An attacker may be able to determine the Apple ID of the owner of the computer", "links": [ "https://support.apple.com/en-us/121239" ], "module": "IDE Tools", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved data protection.", "id": "CVE-2024-40863", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Sandbox", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "The issue was addressed with improved handling of protocols.", "id": "CVE-2024-40864", "impact": "An attacker in a privileged network position may be able to track a user's activity", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "Apple Account", "rsr": "", "update": "April 2, 2025" }, { "available": [ "Apple Vision Pro" ], "credit": "Hanqiu Wang of University of Florida, Zihao Zhan of Texas Tech University, Haoqi Shan of Certik, Siqi Dai of University of Florida, Max Panoff of University of Florida, and Shuo Wang of University of Florida", "description": "The issue was addressed by suspending Persona when the virtual keyboard is active.", "id": "CVE-2024-40865", "impact": "Inputs to the virtual keyboard may be inferred from Persona", "links": [ "https://support.apple.com/en-us/120915" ], "module": "Presence", "rsr": "", "update": "September 5, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Ventura and macOS Sonoma" ], "bugzilla": "279451", "credit": "Hafiizh and YoKo Kho (@yokoacc) of HakTrak", "description": "The issue was addressed with improved UI.", "id": "CVE-2024-40866", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121241" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Ziyi Zhou (@Shanghai Jiao Tong University), Tianxiao Hou (@Shanghai Jiao Tong University)", "description": "A custom URL scheme handling issue was addressed with improved input validation.", "id": "CVE-2024-40867", "impact": "A remote attacker may be able to break out of Web Content sandbox", "links": [ "https://support.apple.com/en-us/121563" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-41957", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-44122", "impact": "An application may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44123", "impact": "A malicious app with root privileges may be able to access keyboard input and location information without user consent", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "Security", "rsr": "", "update": "October 28, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Daniele Antonioli", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44124", "impact": "A malicious Bluetooth input device may bypass pairing", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44125", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Holger Fuhrmannek", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44126", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250", "https://support.apple.com/en-us/121568" ], "module": "ARKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Anamika Adhikari", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44127", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121250" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Anton Boegler", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2024-44128", "impact": "An Automator Quick Action workflow may be able to bypass Gatekeeper", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Automator", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Ventura" ], "credit": "", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44129", "impact": "An app may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "", "description": "This issue was addressed with improved data protection.", "id": "CVE-2024-44130", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/121238" ], "module": "APNs", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "@08Tc3wBB of Jamf", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-44131", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2024-44132", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121238" ], "module": "ArchiveService", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-44133", "impact": "On MDM managed devices, an app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/121238" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44134", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44135", "impact": "An app may be able to access protected files within an App Sandbox container", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Lucas Monteiro, Daniel Monteiro, and Felipe Monteiro", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44136", "impact": "An attacker with physical access to a device may be able to disable Stolen Device Protection", "links": [ "https://support.apple.com/en-us/120905" ], "module": "Face ID", "rsr": "", "update": "January 15, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Halle Winkler, Politepix @hallewinkler", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44137", "impact": "An attacker with physical access may be able to share items from the lock screen", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Screen Capture", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Srijan Poudel", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44139", "impact": "An attacker with physical access may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Yann Gascuel of Alter Solutions", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44141", "impact": "A person with physical access to an unlocked Mac may be able to gain root code execution", "links": [ "https://support.apple.com/en-us/120911" ], "module": "DiskArbitration", "rsr": "", "update": "October 15, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "\ub0e5\ub0e5", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2024-44144", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121570" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Om Kothawade of Zaprico Digital, Omar A. Alanis from the UNTHSC College of Pharmacy", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44145", "impact": "An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "Sidecar", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-44146", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121238" ], "module": "copyfile", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44147", "impact": "An app may gain unauthorized access to Local Network", "links": [ "https://support.apple.com/en-us/121250" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved validation of file attributes.", "id": "CVE-2024-44148", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44149", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Quick Look", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44151", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "bless", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44152", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2024-44153", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2024-44154", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "credit": "Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)", "description": "A custom URL scheme handling issue was addressed with improved input validation.", "id": "CVE-2024-44155", "impact": "Maliciously crafted web content may violate iframe sandboxing policy", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121250", "https://support.apple.com/en-us/121567" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.", "id": "CVE-2024-44156", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Windows 10 22H2 and later", "Windows 10 and later" ], "credit": "Willy R. Vasquez of The University of Texas at Austin and Srikanth Narayanaraju", "description": "A stack buffer overflow was addressed through improved input validation.", "id": "CVE-2024-44157", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/121328", "https://support.apple.com/en-us/121441" ], "module": "Video Playback", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44158", "impact": "A shortcut may output sensitive user data without consent", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.", "id": "CVE-2024-44159", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2024-44160", "impact": "Processing a maliciously crafted texture may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2024-44161", "impact": "Processing a maliciously crafted texture may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Intel Graphics Driver", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma 14.5 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2024-44162", "impact": "A malicious application may gain access to a user's Keychain items", "links": [ "https://support.apple.com/en-us/121239" ], "module": "IDE Documentation", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44163", "impact": "A malicious application may be able to access private information", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-44164", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Andrew Lytvynov", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-44165", "impact": "Network traffic may leak outside a VPN tunnel", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and LFY (@secsys) from Fudan University", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44166", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "ajajfxhj", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-44167", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "A library injection issue was addressed with additional restrictions.", "id": "CVE-2024-44168", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Antonio Zeki\u0107", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44169", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "K\u5b9d, LFY (@secsys), Smi1e, yulige, Cristian Dinca (icmd.tech), Rodolphe BRUNETTI (@eisw0lf)", "description": "A privacy issue was addressed by moving sensitive data to a more secure location.", "id": "CVE-2024-44170", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121250" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Jake Derouin (jakederouin.com)", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44171", "impact": "An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features", "links": [ "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121250" ], "module": "Accessibility", "rsr": "", "update": "March 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44172", "impact": "An app may be able to access contacts", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Contacts", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Vivek Dhar, working as Assistant Sub-Inspector (RM) in Border Security Force (Frontier Headquarter BSF Kashmir)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44174", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Screen Capture", "rsr": "", "update": "October 28, 2024, updated March 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-44175", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121570" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "dw0r of ZeroPointer Lab working with Trend Micro Zero Day Initiative and an anonymous researcher", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-44176", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2024-44177", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-44178", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal, Matej Moravec (@MacejkoMoravec)", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-44179", "impact": "An attacker with physical access to a device may be able to read contact numbers from the lock screen", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121250" ], "module": "Siri", "rsr": "", "update": "March 3, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44180", "impact": "An attacker with physical access may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin(@Pwnrin) and LFY(@secsys) from Fudan University", "description": "An issue was addressed with improved handling of temporary files.", "id": "CVE-2024-44181", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44182", "impact": "An app may be able to access sensitive data logged when a shortcut fails to launch another app", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "App Intents", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Olivier Levon", "description": "A logic error was addressed with improved error handling.", "id": "CVE-2024-44183", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44184", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121250" ], "module": "Transparency", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "276097", "credit": "Gary Kwong", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44185", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "October 15, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2024-44186", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "NSColor", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "279452", "credit": "Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)", "description": "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins.", "id": "CVE-2024-44187", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44188", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Tim Clem", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44189", "impact": "A logic issue existed where a process may be able to capture screen contents without user consent", "links": [ "https://support.apple.com/en-us/121238" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-44190", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma 14.5 and later" ], "credit": "Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44191", "impact": "An app may gain unauthorized access to Bluetooth", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121239", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121246", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "268770", "credit": "Tashita Software Security", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44192", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "WebKit", "rsr": "", "update": "March 3, 2025" }, { "available": [ "Windows 10 and later" ], "credit": "Mads Ball, Bocheng Xiang with Fudan University", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-44193", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/121328" ], "module": "iTunes", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Rodolphe Brunetti (@eisw0lf)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44194", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2024-44195", "impact": "An app may be able to read arbitrary files", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44196", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wang Yu of Cyberserval", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44197", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "IOGPUFamily", "rsr": "", "update": "August 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "OSS-Fuzz, Ned Williamson of Google Project Zero", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2024-44198", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-44199", "impact": "An app may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/120911" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "March 20, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Cristian Dinca (icmd.tech)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44200", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564" ], "module": "Siri", "rsr": "", "update": "December 11, 2024" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ben Roeder", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44201", "impact": "Processing a malicious crafted file may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "credit": "Kenneth Chew", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-44202", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121250" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Wojciech Regula of SecuRing (wojciechregula.blog), Kirin (@Pwnrin) of NorthSea", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44203", "impact": "An app may be able to access a user's Photos Library", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Sandbox", "rsr": "", "update": "October 28, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2024-44204", "impact": "A user's saved passwords may be read aloud by VoiceOver", "links": [ "https://support.apple.com/en-us/121373" ], "module": "Passwords", "rsr": "", "update": "" }, { "available": [ "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "Jiahui Hu (\u6885\u96f6\u843d) and Meng Zhang (\u9cb8\u843d) of NorthSea", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44205", "impact": "A sandboxed app may be able to access sensitive user data in system logs", "links": [ "https://support.apple.com/en-us/120908", "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "Siri", "rsr": "", "update": "October 15, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "280765", "credit": "Andreas Jaegersberger and Ro Achterberg", "description": "An issue in the handling of URL protocols was addressed with improved logic.", "id": "CVE-2024-44206", "impact": "A user may be able to bypass some web content restrictions", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "October 15, 2024" }, { "available": [ "iPhone 16 (all models)" ], "credit": "Michael Jimenez and an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-44207", "impact": "Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated", "links": [ "https://support.apple.com/en-us/121373" ], "module": "Media Session", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44208", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/121238" ], "module": "WindowServer", "rsr": "", "update": "October 28, 2024" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2024-44210", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121564" ], "module": "StorageKit", "rsr": "", "update": "January 16, 2026" }, { "available": [ "macOS Sequoia" ], "credit": "Gergely Kalman (@gergely_kalman) and Csaba Fitzl (@theevilbit)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-44211", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "279226", "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A cookie management issue was addressed with improved state management.", "id": "CVE-2024-44212", "impact": "Cookies belonging to one origin may be sent to another origin", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121571" ], "module": "WebKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Alexandre Bedard", "description": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation.", "id": "CVE-2024-44213", "impact": "An attacker in a privileged network position may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-44215", "impact": "Processing an image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2024-44216", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal, Joshua Keller, Lukas, and an anonymous researcher", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2024-44217", "impact": "Password autofill may fill in passwords after failing authentication", "links": [ "https://support.apple.com/en-us/121250" ], "module": "Passwords", "rsr": "", "update": "October 28, 2024, updated March 3, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-44218", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121570" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Ryan Dowd (@_rdowd)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44219", "impact": "A malicious application with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Sandbox", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "D4m0n", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44220", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44222", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Jaime Bertran", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44223", "impact": "An attacker with physical access to a Mac may be able to view protected content from the Login Window", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Amy (@asentientbot)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44224", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u98ce\u6c90\u4e91\u70df(@binary_fmyy)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-44225", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44227", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "Wi-Fi", "rsr": "", "update": "March 3, 2025" }, { "available": [ "macOS Sonoma 14.5 and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2024-44228", "impact": "An app may be able to inherit Xcode permissions and access user data", "links": [ "https://support.apple.com/en-us/121239" ], "module": "Playgrounds", "rsr": "", "update": "October 28, 2024" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Lucas Di Tomase", "description": "An information leakage was addressed with additional validation.", "id": "CVE-2024-44229", "impact": "Private browsing may leak some browsing history", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121571" ], "module": "Safari Private Browsing", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Toomas R\u00f6mer", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44231", "impact": "A person with physical access to a Mac may be able to bypass Login Window during a software update", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Login Window", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44232", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "AppleAVD", "rsr": "", "update": "November 1, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44233", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "AppleAVD", "rsr": "", "update": "November 1, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44234", "impact": "Parsing a maliciously crafted video file may lead to unexpected system termination", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "AppleAVD", "rsr": "", "update": "November 1, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Rizki Maulana (rmrizki.my.id), Dalibor Milanovic, Richard Hyunho Im (@richeeta) with Route Zero Security", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44235", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/121563" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-44236", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-44237", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44238", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "January 16, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mateusz Krzywicki (@krzywix)", "description": "An information disclosure issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44239", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44240", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44241", "impact": "An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "December 11, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44242", "impact": "An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t), Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2024-44243", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121839" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "279780", "credit": "an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@p1umer)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2024-44244", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121571" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44245", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121845" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Jacob Braun", "description": "The issue was addressed with improved routing of Safari-originated requests.", "id": "CVE-2024-44246", "impact": "On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121846" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Un3xploitable of CW Research Inc", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44247", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Halle Winkler, Politepix (theoffcuts.org)", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44248", "impact": "A user with screen sharing access may be able to view another user's screen", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Screen Sharing Server", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-44250", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/121564" ], "module": "XPC", "rsr": "", "update": "January 15, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44251", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/121563" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Nimrat Khalsa, James Gill (@jjtech@infosec.exchange), Dragon Fruit Security (Davis Dai, ORAC Luoyun, Frank Du cooperative discovery)", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-44252", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121569" ], "module": "MobileBackup", "rsr": "", "update": "January 16, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44253", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44254", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2024-44255", "impact": "A malicious app may be able to run arbitrary shortcuts without user consent", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "App Support", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2024-44256", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44257", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Hichem Maloufi, Christian Mina, Ismail Amzdak", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2024-44258", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121569" ], "module": "Managed Configuration", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44259", "impact": "An attacker may be able to misuse a trust relationship to download malicious content", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121571" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-44260", "impact": "A malicious app with root privileges may be able to modify the contents of system files", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Braylon (@softwarescool)", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-44261", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121567" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro" ], "credit": "Justin Saboo", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44262", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/121566" ], "module": "Lock Screen", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin) and 7feilee", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-44263", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121563" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2024-44264", "impact": "A malicious app may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "SystemMigration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ronny Stiftel", "description": "The issue was addressed by restricting options offered on a locked device.", "id": "CVE-2024-44265", "impact": "An attacker with physical access can input Game Controller events to apps running on a locked device", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Game Controllers", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44267", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-44269", "impact": "A malicious app may use shortcuts to access restricted files", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Shortcuts", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2024-44270", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44271", "impact": "An app may be able to record the screen without an indicator", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Control Center", "rsr": "", "update": "August 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "pattern-f (@pattern_F_), Hikerell of Loadshine Lab", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2024-44273", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later" ], "credit": "Rizki Maulana (rmrizki.my.id), Matthew Butler, Jake Derouin", "description": "The issue was addressed with improved authentication.", "id": "CVE-2024-44274", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121567" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44275", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_co", "description": "This issue was addressed by using HTTPS when sending information over the network.", "id": "CVE-2024-44276", "impact": "A user in a privileged network position may be able to leak sensitive information", "links": [ "https://support.apple.com/en-us/121837" ], "module": "Passwords", "rsr": "", "update": "March 17, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "an anonymous researcher and Yinyi Wu(@_3ndy1) from Dawn Security Lab of JD.com, Inc.", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-44277", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121569" ], "module": "Pro Res", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "An information disclosure issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44278", "impact": "A sandboxed app may be able to access sensitive user data in system logs", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-44279", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2024-44280", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-44281", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2024-44282", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2024-44283", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee, dw0r! working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-44284", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2024-44285", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121569" ], "module": "IOSurface", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Garrett Moon of Excited Pixel LLC", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-44286", "impact": "An attacker with physical access can input keyboard events to apps running on a locked device", "links": [ "https://support.apple.com/en-us/121564" ], "module": "LaunchServices", "rsr": "", "update": "January 15, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44287", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44289", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-44290", "impact": "An app may be able to determine a user\u2019s current location", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565" ], "module": "Weather", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-44291", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44292", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin) and 7feilee", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44293", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.", "id": "CVE-2024-44294", "impact": "An attacker with root privileges may be able to delete protected system files", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2024-44295", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "CoreServicesUIAgent", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "278765", "credit": "Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44296", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121571" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Jex Amro", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44297", "impact": "Processing a maliciously crafted message may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin) and 7feilee", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44298", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44299", "impact": "An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-44300", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44301", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "PackageKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44302", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44303", "impact": "A malicious application may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121564" ], "module": "PackageKit", "rsr": "", "update": "December 11, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t), Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2024-44305", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/120911" ], "module": "PackageKit", "rsr": "", "update": "March 20, 2025" }, { "available": [ "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2024-44306", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120911" ], "module": "ASP TCP", "rsr": "", "update": "November 13, 2024" }, { "available": [ "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2024-44307", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/120911" ], "module": "ASP TCP", "rsr": "", "update": "November 13, 2024" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "283063", "credit": "Cl\u00e9ment Lecigne and Beno\u00eet Sevens of Google's Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-44308", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.", "links": [ "https://support.apple.com/en-us/121752", "https://support.apple.com/en-us/121753", "https://support.apple.com/en-us/121754", "https://support.apple.com/en-us/121755", "https://support.apple.com/en-us/121756" ], "module": "JavaScriptCore", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "283095", "credit": "Cl\u00e9ment Lecigne and Beno\u00eet Sevens of Google's Threat Analysis Group", "description": "A cookie management issue was addressed with improved state management.", "id": "CVE-2024-44309", "impact": "Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.", "links": [ "https://support.apple.com/en-us/121752", "https://support.apple.com/en-us/121753", "https://support.apple.com/en-us/121754", "https://support.apple.com/en-us/121755", "https://support.apple.com/en-us/121756" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-45306", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "Vim", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-45490", "impact": "A remote attacker may cause an unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "274165", "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-4558", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2024-54463", "impact": "An app may be able to access removable volumes without user consent", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Image Capture", "rsr": "", "update": "March 3, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2024-54465", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/121839" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael Cohen", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2024-54466", "impact": "An encrypted volume may be accessed by a different user without prompting for the password", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "287874", "credit": "Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India)", "description": "A cookie management issue was addressed with improved state management.", "id": "CVE-2024-54467", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121241", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "WebKit", "rsr": "", "update": "March 3, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54468", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "Kernel", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54469", "impact": "A local user may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/121234", "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121247", "https://support.apple.com/en-us/121249", "https://support.apple.com/en-us/121250" ], "module": "FileProvider", "rsr": "", "update": "March 3, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal and Kenneth Chew", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-54470", "impact": "An attacker with physical access may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121567" ], "module": "Siri", "rsr": "", "update": "January 15, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Gregory (wts.dev)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2024-54471", "impact": "A malicious application may be able to leak a user's credentials", "links": [ "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121570" ], "module": "NetAuth", "rsr": "", "update": "December 11, 2024" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-54473", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Maps", "rsr": "", "update": "March 3, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54474", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-54475", "impact": "An app may be able to determine a user\u2019s current location", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "System Settings", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54476", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54477", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Apple Software Restore", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Gary Kwong", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-54478", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "ICU", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "278497", "credit": "Seunghyun Lee", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54479", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea", "description": "The issue was resolved by sanitizing logging.", "id": "CVE-2024-54484", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2024-54485", "impact": "An attacker with physical access to an iOS device may be able to view notification content from the lock screen", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54486", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Benjamin Hornbeck, Skadz (@skadz108), Chi Yuan Chang of ZUSO ART and taikosoup", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-54488", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Accounts", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "D\u2019Angelo Gonzalez of CrowdStrike", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-54489", "impact": "Running a mount command may unexpectedly execute arbitrary code", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Disk Utility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by enabling hardened runtime.", "id": "CVE-2024-54490", "impact": "A local attacker may gain access to user's Keychain items", "links": [ "https://support.apple.com/en-us/121839" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "The issue was resolved by sanitizing logging", "id": "CVE-2024-54491", "impact": "A malicious application may be able to determine a user's current location", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Logging", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co)", "description": "This issue was addressed by using HTTPS when sending information over the network.", "id": "CVE-2024-54492", "impact": "An attacker in a privileged network position may be able to alter network traffic", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121845" ], "module": "Passwords", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Yokesh Muthu K", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-54493", "impact": "Privacy indicators for microphone access may be attributed incorrectly", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "sohybbyk", "description": "A race condition was addressed with additional validation.", "id": "CVE-2024-54494", "impact": "An attacker may be able to create a read-only memory mapping that can be written to", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos, Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved permissions logic.", "id": "CVE-2024-54495", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840" ], "module": "Swift", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54497", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "QuartzCore", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-54498", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2024-54499", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "ImageIO", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung Lee working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54500", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54501", "impact": "Processing a maliciously crafted file may lead to a denial of service", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "281912", "credit": "Brendon Tiszka of Google Project Zero", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54502", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Micheal Chukwu and an anonymous researcher", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2024-54503", "impact": "Muting a call while ringing may not result in mute being enabled", "links": [ "https://support.apple.com/en-us/121837" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "\u795e\u7f5a(@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-54504", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "282661", "credit": "Gary Kwong", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2024-54505", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-54506", "impact": "An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware", "links": [ "https://support.apple.com/en-us/121839" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2024-54507", "impact": "An attacker with user privileges may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839" ], "module": "Kernel", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "282180", "credit": "linjy of HKUS3Lab and chluo of WHUSecLab, Xiangwei Zhang of Tencent Security YUNDING LAB", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54508", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-54509", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840" ], "module": "ASP TCP", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A race condition was addressed with improved locking.", "id": "CVE-2024-54510", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121838", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bistrit Dahal", "description": "The issue was addressed by removing the relevant flags.", "id": "CVE-2024-54512", "impact": "A system binary could be used to fingerprint a user's Apple Account", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121843" ], "module": "Face Gallery", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-54513", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54514", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-54515", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/121839" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Arsenii Kostromin (0x3c3e) and an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2024-54516", "impact": "An app may be able to approve a launch daemon without user consent", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840" ], "module": "SharedFileList", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-54517", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-54518", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin) and 7feilee", "description": "The issue was resolved by sanitizing logging.", "id": "CVE-2024-54519", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840" ], "module": "Find My", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2024-54520", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "System Settings", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-54522", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-54523", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-54524", "impact": "A malicious app may be able to access arbitrary files", "links": [ "https://support.apple.com/en-us/121839" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Andrew James Gonzalez, Dragon Fruit Security (Davis Dai, ORAC \u843d\u4e91, Frank Du cooperative discovery)", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2024-54525", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "MobileBackup", "rsr": "", "update": "March 17, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54526", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2024-54527", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-54528", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dillon Franke working with Google Project Zero", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-54529", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Audio", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India, Rakeshkumar Talaviya, Tomomasa Hiraiwa", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54530", "impact": "Password autofill may fill in passwords after failing authentication", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121845" ], "module": "Passkeys", "rsr": "", "update": "January 27, 2025, updated March 17, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Hyerean Jang, Taehun Kim, and Youngjoo Shin", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54531", "impact": "An app may be able to bypass kASLR", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Csaba Fitzl (@theevilbit) of OffSec", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2024-54533", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Spotlight", "rsr": "", "update": "April 2, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "277967", "credit": "Tashita Software Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54534", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "K\u5b9d(@Pwnrin)", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2024-54535", "impact": "An attacker with access to calendar data could also read reminders", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566" ], "module": "Calendar", "rsr": "", "update": "January 15, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "The issue was addressed with improved validation of environment variables.", "id": "CVE-2024-54536", "impact": "An app may be able to edit NVRAM variables", "links": [ "https://support.apple.com/en-us/121839" ], "module": "MobileAccessoryUpdater", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2024-54537", "impact": "An app may be able to read and write files outside of its sandbox", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "QuickTime Player", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bing Shi, Wenchao Li and Xiaolong Bai of Alibaba Group, and Luyi Xing of Indiana University Bloomington", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2024-54538", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/121563", "https://support.apple.com/en-us/121564", "https://support.apple.com/en-us/121565", "https://support.apple.com/en-us/121566", "https://support.apple.com/en-us/121567", "https://support.apple.com/en-us/121568", "https://support.apple.com/en-us/121569", "https://support.apple.com/en-us/121570" ], "module": "Security", "rsr": "", "update": "December 19, 2024" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Halle Winkler, Politepix theoffcuts.org, and Trent @lathiat Lloyd", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-54539", "impact": "An app may be able to capture keyboard events from the lock screen", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "WindowServer", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Windows 10 22H2 and later for Intel machines, Windows 11 24H2 and later for Arm machines" ], "credit": "Dominik Penner (zer0pwn)", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2024-54540", "impact": "Processing maliciously crafted web content may disclose internal states of the app", "links": [ "https://support.apple.com/en-us/122043" ], "module": "Music", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e) and an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-54541", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845" ], "module": "APFS", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Rei (@reizydev), Kenneth Chew", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2024-54542", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121846" ], "module": "Safari Private Browsing", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "282450", "credit": "Lukas Bernhard, Gary Kwong, and an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54543", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121843", "https://support.apple.com/en-us/121844", "https://support.apple.com/en-us/121845", "https://support.apple.com/en-us/121846" ], "module": "WebKit", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)" ], "credit": "Antonio Zekic (@antoniozekic) and ant4g0nist", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54546", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/121238" ], "module": "Wi-Fi", "rsr": "", "update": "March 3, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54547", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "Dock", "rsr": "", "update": "January 27, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-54549", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Sync Services", "rsr": "", "update": "January 27, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Smi1e (@Smi1eSEC)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2024-54550", "impact": "An app may be able to view autocompleted contact information from Messages and Mail in system logs", "links": [ "https://support.apple.com/en-us/121837", "https://support.apple.com/en-us/121839" ], "module": "Contacts", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "275117", "credit": "ajajfxhj", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54551", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120913", "https://support.apple.com/en-us/120914", "https://support.apple.com/en-us/120915", "https://support.apple.com/en-us/120916" ], "module": "WebKit", "rsr": "", "update": "March 20, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2024-54554", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121564" ], "module": "Dock", "rsr": "", "update": "August 28, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-54556", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/121563" ], "module": "WidgetKit", "rsr": "", "update": "January 16, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2024-54557", "impact": "An attacker may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/121839", "https://support.apple.com/en-us/121840", "https://support.apple.com/en-us/121842" ], "module": "SharedFileList", "rsr": "", "update": "January 27, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Ron Masas of BreakPoint.sh and an anonymous researcher", "description": "A clickjacking issue was addressed with improved out-of-process view handling.", "id": "CVE-2024-54558", "impact": "An app may be able to trick a user into granting access to photos from the user's photo library", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121250" ], "module": "TCC", "rsr": "", "update": "March 3, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Zhongquan Li (@Guluisacat) and an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54559", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "Sandbox", "rsr": "", "update": "March 17, 2025, updated August 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Kirin (@Pwnrin), Jeff Johnson (underpassapp.com)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2024-54560", "impact": "A malicious app may be able to modify other apps without having App Management permission", "links": [ "https://support.apple.com/en-us/121238", "https://support.apple.com/en-us/121240", "https://support.apple.com/en-us/121248", "https://support.apple.com/en-us/121250" ], "module": "LaunchServices", "rsr": "", "update": "March 3, 2025" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "Linwz of DEVCORE", "description": "This issue was addressed through improved state management.", "id": "CVE-2024-54564", "impact": "A file received from AirDrop may not have the quarantine flag applied", "links": [ "https://support.apple.com/en-us/120909", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120915" ], "module": "AirDrop", "rsr": "", "update": "March 20, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54565", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/121839" ], "module": "XProtect", "rsr": "", "update": "March 17, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54568", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/121839" ], "module": "ATS", "rsr": "", "update": "August 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 4 and later", "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", "macOS Monterey and macOS Ventura", "macOS Sonoma" ], "bugzilla": "263758", "credit": "anbu1024 of SecANT", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54658", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/120881", "https://support.apple.com/en-us/120882", "https://support.apple.com/en-us/120883", "https://support.apple.com/en-us/120893", "https://support.apple.com/en-us/120894", "https://support.apple.com/en-us/120895" ], "module": "WebKit", "rsr": "", "update": "February 5, 2025" }, { "available": [ "macOS Monterey", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-6387", "impact": "A remote attacker may be able to cause arbitrary code execution", "links": [ "https://support.apple.com/en-us/120910", "https://support.apple.com/en-us/120911", "https://support.apple.com/en-us/120912" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "An app could impersonate system notifications. Sensitive notifications now require restricted entitlements.", "id": "CVE-2025-24091", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/121838" ], "module": "Libnotify", "rsr": "", "update": "April 30, 2025" } ] ================================================ FILE: 2024/README.md ================================================ # Apple CVE 2024 * data source: https://support.apple.com/en-us/HT201222 * [2024.json](2024.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2023-42916 | WebKit | | 2 | CVE-2023-42917 | WebKit | | 3 | CVE-2024-23222 | WebKit | | 4 | CVE-2024-23225 | Kernel | | 5 | CVE-2024-23296 | RTKit | | 6 | CVE-2024-44308 | JavaScriptCore | | 7 | CVE-2024-44309 | WebKit | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 48 | | 2 | PackageKit | 30 | | 3 | Shortcuts | 21 | | 4 | Kernel | 21 | | 5 | AppleMobileFileIntegrity | 19 | | 6 | Siri | 18 | | 7 | ImageIO | 16 | | 8 | Sandbox | 12 | | 9 | IOMobileFrameBuffer | 11 | | 10 | Safari | 9 | | 11 | Accessibility | 9 | | 12 | SharedFileList | 8 | | 13 | curl | 7 | | 14 | libxpc | 6 | | 15 | Wi-Fi | 6 | | 16 | Safari Private Browsing | 6 | | 17 | System Settings | 6 | | 18 | StorageKit | 6 | | 19 | sips | 6 | | 20 | Perl | 5 | | 21 | OpenSSH | 5 | | 22 | Notes | 5 | | 23 | Spotlight | 5 | | 24 | AppleVA | 5 | | 25 | Accounts | 5 | | 26 | LaunchServices | 5 | | 27 | MediaRemote | 4 | | 28 | TCC | 4 | | 29 | Find My | 4 | | 30 | Dock | 4 | | 31 | Music | 4 | | 32 | Messages | 4 | | 33 | Foundation | 4 | | 34 | CoreMedia | 4 | | 35 | AppleAVD | 4 | | 36 | Maps | 4 | | 37 | ASP TCP | 4 | | 38 | Security | 4 | | 39 | Notification Center | 4 | | 40 | AppleGraphicsControl | 4 | | 41 | WindowServer | 4 | | 42 | Passwords | 4 | | 43 | apache | 3 | | 44 | Transparency | 3 | | 45 | Core Data | 3 | | 46 | Login Window | 3 | | 47 | Bluetooth | 3 | | 48 | Screen Capture | 3 | | 49 | Intel Graphics Driver | 3 | | 50 | Photos | 3 | | 51 | ColorSync | 3 | | 52 | Image Capture | 3 | | 53 | Metal | 3 | | 54 | Disk Images | 3 | | 55 | Control Center | 3 | | 56 | Apache | 3 | | 57 | APFS | 3 | | 58 | VoiceOver | 3 | | 59 | XProtect | 3 | | 60 | DiskArbitration | 3 | | 61 | Installer | 3 | | 62 | SceneKit | 3 | | 63 | Contacts | 3 | | 64 | CUPS | 2 | | 65 | Time Zone | 2 | | 66 | Apple Neural Engine | 2 | | 67 | NSSpellChecker | 2 | | 68 | Finder | 2 | | 69 | Airport | 2 | | 70 | UIKit | 2 | | 71 | Mail | 2 | | 72 | TV App | 2 | | 73 | QuartzCore | 2 | | 74 | AppSandbox | 2 | | 75 | Phone | 2 | | 76 | IOSurface | 2 | | 77 | AVEVideoEncoder | 2 | | 78 | Sync Services | 2 | | 79 | libarchive | 2 | | 80 | Security Initialization | 2 | | 81 | Presence | 2 | | 82 | NetworkExtension | 2 | | 83 | sudo | 2 | | 84 | iTunes | 2 | | 85 | Vim | 2 | | 86 | FileProvider | 2 | | 87 | Quick Look | 2 | | 88 | CoreText | 2 | | 89 | MobileBackup | 2 | | 90 | Crash Reporter | 2 | | 91 | Audio | 2 | | 92 | file | 1 | | 93 | NSOpenPanel | 1 | | 94 | Libsystem | 1 | | 95 | LoginWindow | 1 | | 96 | Model I/O | 1 | | 97 | WebRTC | 1 | | 98 | ExtensionKit | 1 | | 99 | Mail Search | 1 | | 100 | LLVM | 1 | | 101 | CoreCrypto | 1 | | 102 | Reset Services | 1 | | 103 | Share Sheet | 1 | | 104 | CFNetwork | 1 | | 105 | Synapse | 1 | | 106 | CoreBluetooth - LE | 1 | | 107 | Kerberos v5 PAM module | 1 | | 108 | Image Processing | 1 | | 109 | Storage Services | 1 | | 110 | Admin Framework | 1 | | 111 | Persona | 1 | | 112 | RTKit | 1 | | 113 | Xcode | 1 | | 114 | GarageBand | 1 | | 115 | Power Manager | 1 | | 116 | Voice Control | 1 | | 117 | IOHIDFamily | 1 | | 118 | Screenshots | 1 | | 119 | Symptom Framework | 1 | | 120 | libiconv | 1 | | 121 | PrintCenter | 1 | | 122 | WebKit Web Inspector | 1 | | 123 | WebKit Canvas | 1 | | 124 | udf | 1 | | 125 | MarketplaceKit | 1 | | 126 | Setup Assistant | 1 | | 127 | Cellular | 1 | | 128 | Compression | 1 | | 129 | Scripting Bridge | 1 | | 130 | AppKit | 1 | | 131 | Git | 1 | | 132 | Photos Storage | 1 | | 133 | Mail Accounts | 1 | | 134 | Family Sharing | 1 | | 135 | CoreGraphics | 1 | | 136 | Restore Framework | 1 | | 137 | Keychain Access | 1 | | 138 | dyld | 1 | | 139 | Printing | 1 | | 140 | DesktopServices | 1 | | 141 | Status Bar | 1 | | 142 | Game Center | 1 | | 143 | GPU Drivers | 1 | | 144 | IDE Tools | 1 | | 145 | Apple Account | 1 | | 146 | Core Bluetooth | 1 | | 147 | ARKit | 1 | | 148 | Automator | 1 | | 149 | APNs | 1 | | 150 | ArchiveService | 1 | | 151 | Face ID | 1 | | 152 | Sidecar | 1 | | 153 | copyfile | 1 | | 154 | bless | 1 | | 155 | Video Playback | 1 | | 156 | IDE Documentation | 1 | | 157 | IOSurfaceAccelerator | 1 | | 158 | App Intents | 1 | | 159 | mDNSResponder | 1 | | 160 | NSColor | 1 | | 161 | IOGPUFamily | 1 | | 162 | libxml2 | 1 | | 163 | Media Session | 1 | | 164 | Playgrounds | 1 | | 165 | Screen Sharing Server | 1 | | 166 | XPC | 1 | | 167 | App Support | 1 | | 168 | Managed Configuration | 1 | | 169 | Safari Downloads | 1 | | 170 | Assets | 1 | | 171 | Lock Screen | 1 | | 172 | SystemMigration | 1 | | 173 | Game Controllers | 1 | | 174 | CoreMedia Playback | 1 | | 175 | Pro Res | 1 | | 176 | Weather | 1 | | 177 | CoreServicesUIAgent | 1 | | 178 | JavaScriptCore | 1 | | 179 | libexpat | 1 | | 180 | NetAuth | 1 | | 181 | Apple Software Restore | 1 | | 182 | ICU | 1 | | 183 | FontParser | 1 | | 184 | Disk Utility | 1 | | 185 | Logging | 1 | | 186 | Swift | 1 | | 187 | Face Gallery | 1 | | 188 | Passkeys | 1 | | 189 | Calendar | 1 | | 190 | MobileAccessoryUpdater | 1 | | 191 | QuickTime Player | 1 | | 192 | WidgetKit | 1 | | 193 | AirDrop | 1 | | 194 | ATS | 1 | | 195 | Libnotify | 1 | ================================================ FILE: 2025/2025.json ================================================ [ { "available": [ "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2023-27043", "impact": "A remote attacker may be able to bypass sender policy checks and deliver malicious content via email", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Python", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-27280", "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "The issue was addressed with improved handling of protocols.", "id": "CVE-2024-40864", "impact": "An attacker in a privileged network position may be able to track a user's activity", "links": [ "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Apple Account", "rsr": "", "update": "April 2, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-43398", "impact": "Multiple issues in ruby", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma 14.4 and later" ], "credit": "Marc Schoenefeld, Dr. rer. nat.", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2024-44142", "impact": "Processing a maliciously crafted image may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/121866" ], "module": "GarageBand", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2024-44172", "impact": "An app may be able to access contacts", "links": [ "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, Mickey Jin (@patch1t)", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2024-44243", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122069" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-48958", "impact": "An input validation issue was addressed", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-49761", "impact": "Multiple issues in ruby", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "credit": "Gary Kwong", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2024-54478", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122067" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sonoma", "macOS Ventura" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54497", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "QuartzCore", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "bugzilla": "281912", "credit": "Brendon Tiszka of Google Project Zero", "description": "The issue was addressed with improved checks.", "id": "CVE-2024-54502", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122372" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "bugzilla": "282180", "credit": "Xiangwei Zhang of Tencent Security YUNDING LAB, linjy of HKUS3Lab and chluo of WHUSecLab, and an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54508", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122372" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "CertiK SkyFall Team", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2024-54509", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/122069" ], "module": "ASP TCP", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of OffSec", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2024-54533", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "bugzilla": "277967", "credit": "Tashita Software Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54534", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122372" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation" ], "bugzilla": "282450", "credit": "Lukas Bernhard, Gary Kwong, and an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2024-54543", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122372" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-55549", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "libxslt", "rsr": "", "update": "May 16, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-56171", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-7264", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-8176", "impact": "Multiple issues in libexpat, including unexpected app termination or arbitrary code execution", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "@retsew0x01", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-8906", "impact": "A download's origin may be incorrectly associated", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125892" ], "module": "Safari Downloads", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-9681", "impact": "An input validation issue was addressed", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "mastersplinter", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2024-9956", "impact": "An app may gain unauthorized access to Bluetooth", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Passkeys", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "303614", "credit": "Apple and Google Threat Analysis Group", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2025-14174", "impact": "Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report.", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2025-24085", "impact": "A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "DongJun Kim (@smlijun) and JongSeong Kim (@nevul37) in Enki WhiteHat, D4m0n", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24086", "impact": "Processing an image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2025-24087", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122068" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-24088", "impact": "An app may be able to override MDM-enforced settings from profiles", "links": [ "https://support.apple.com/en-us/125110" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Denis Tokarev (@illusionofcha0s), Zikan Wang (@Lakr233)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24089", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Icons", "rsr": "", "update": "January 16, 2026" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24090", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Icons", "rsr": "", "update": "January 16, 2026" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "An app could impersonate system notifications. Sensitive notifications now require restricted entitlements.", "id": "CVE-2025-24091", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Libnotify", "rsr": "", "update": "April 30, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Adam M.", "description": "This issue was addressed with improved data protection.", "id": "CVE-2025-24092", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069" ], "module": "TV App", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24093", "impact": "An app may be able to access removable volumes without user consent", "links": [ "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122373" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with additional validation.", "id": "CVE-2025-24094", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-24095", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122378" ], "module": "RepairKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24096", "impact": "A malicious app may be able to access arbitrary files", "links": [ "https://support.apple.com/en-us/122068" ], "module": "NSDocument", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Ron Masas of BREAKPOINT.SH", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24097", "impact": "An app may be able to read arbitrary file metadata", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122405" ], "module": "AirDrop", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24099", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "PackageKit", "rsr": "", "update": "January 29, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2025-24100", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-24101", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122068" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24102", "impact": "An app may be able to determine a user\u2019s current location", "links": [ "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "CoreRoutine", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-24103", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Hichem Maloufi, Hakim Boukhadra", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-24104", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067" ], "module": "Managed Configuration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wang Yu of Cyberserval", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-24106", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Audio", "rsr": "", "update": "August 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24107", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24108", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122068" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@Bohdan_Stasiuk)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2025-24109", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wang Yu of Cyberserval", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2025-24111", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122405" ], "module": "Display", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "D4m0n", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24112", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069" ], "module": "AppleGraphicsControl", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "@RenwaX23", "description": "The issue was addressed with improved UI.", "id": "CVE-2025-24113", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122074", "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24114", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-24115", "impact": "An app may be able to read files outside of its sandbox", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24116", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Michael (Biscuit) Thomas (@biscuit@social.lol)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-24117", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122073" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24118", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24119", "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "PixiePoint Security", "description": "This issue was addressed by improved management of object lifetimes.", "id": "CVE-2025-24120", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24121", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2025-24122", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Desmond working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24123", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pwn2car & Rotiple (HyeongSeok Jang) working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24124", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "An input validation issue was addressed.", "id": "CVE-2025-24126", "impact": "An attacker on the local network may be able to corrupt process memory", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Minghao Lin (@Y1nKoc), babywu, and Xingwei Lin of Zhejiang University", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24127", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "ARKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "@RenwaX23", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-24128", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122074" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2025-24129", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24130", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24131", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "MFi Program" ], "credit": "Oligo Security Research Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24132", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122403" ], "module": "SDK", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "An information disclosure issue was addressed with improved privacy controls.", "id": "CVE-2025-24134", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122068" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "This issue was addressed with improved message validation.", "id": "CVE-2025-24135", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/122068" ], "module": "System Extensions", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u98ce(binary_fmyy) and Minghao Lin@(Y1nKoc)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-24136", "impact": "A malicious app may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Login Window", "rsr": "", "update": "May 16, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Uri Katz (Oligo Security)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2025-24137", "impact": "An attacker on the local network may corrupt process memory", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24138", "impact": "A malicious application may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Junsung <3, Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24139", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122375" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Matej Moravec (@MacejkoMoravec)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24140", "impact": "Files downloaded from the internet may not have the quarantine flag applied", "links": [ "https://support.apple.com/en-us/122068" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-24141", "impact": "An attacker with physical access to an unlocked device may be able to access Photos while the app is locked", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "LFY@secsys from Fudan University", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-24142", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "283117", "credit": "an anonymous researcher", "description": "The issue was addressed with improved access restrictions to the file system.", "id": "CVE-2025-24143", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122074" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mateusz Krzywicki (@krzywix)", "description": "An information disclosure issue was addressed by removing the vulnerable code.", "id": "CVE-2025-24144", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-24145", "impact": "An app may be able to view a contact's phone number in system logs", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068" ], "module": "Time Zone", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u795e\u7f5a(@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-24146", "impact": "Deleting a conversation in Messages may expose user contact information in system logging", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kenneth Chew", "description": "This issue was addressed with improved handling of executable types.", "id": "CVE-2025-24148", "impact": "A malicious JAR file may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-24149", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "283718", "credit": "Johan Carlsson (joaxcar)", "description": "A privacy issue was addressed with improved handling of files.", "id": "CVE-2025-24150", "impact": "Copying a URL from Web Inspector may lead to command injection", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122074" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24151", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24152", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122068" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2025-24153", "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/122068" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write was addressed with improved input validation.", "id": "CVE-2025-24154", "impact": "An attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122073" ], "module": "WebContentFilter", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24155", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "WebContentFilter", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An integer overflow was addressed through improved input validation.", "id": "CVE-2025-24156", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2025-24157", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "283889", "credit": "Q1IQ (@q1iqF) of NUS CuriOSity and P1umer (@p1umer) of Imperial Global Singapore", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24158", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122074" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "pattern-f (@pattern_F_)", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2025-24159", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24160", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24161", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "284159", "credit": "linjy of HKUS3Lab and chluo of WHUSecLab", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24162", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122074" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24163", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24164", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Syarif Muhammad Sajjad", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24167", "impact": "A download's origin may be incorrectly associated", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122379" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Josh Parnham (@joshparnham)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-24169", "impact": "A malicious app may be able to bypass browser extension authentication", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122074" ], "module": "Passwords", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Ventura" ], "credit": "YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab and Minghao Lin (@Y1nKoc), Stephan Casas", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2025-24170", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24172", "impact": "\"Block All Remote Content\" may not apply for all mail previews", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-24173", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Power Services", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e), Joshua Jones", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24174", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "iCloud Photo Library", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Yann GASCUEL of Alter Solutions", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2025-24176", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2025-24177", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24178", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2025-24179", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Martin Kreichgauer of Google Chrome", "description": "The issue was addressed with improved input validation.", "id": "CVE-2025-24180", "impact": "A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "Authentication Services", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24181", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2025-24182", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24183", "impact": "A local user may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "Perl", "rsr": "", "update": "May 16, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Song Hyun Bae (@bshyuunn) and Lee Dong Ha (Who4mI)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24184", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "CoreMedia Playback", "rsr": "", "update": "May 16, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2025-24185", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070" ], "module": "sips", "rsr": "", "update": "March 17, 2025" }, { "available": [ "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24188", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "284332", "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24189", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073", "https://support.apple.com/en-us/122074" ], "module": "WebKit", "rsr": "", "update": "May 16, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24190", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "The issue was addressed with improved validation of environment variables.", "id": "CVE-2025-24191", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373" ], "module": "RPAC", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Vsevolod Kokorin (Slonser) of Solidlab", "description": "A script imports issue was addressed with improved isolation.", "id": "CVE-2025-24192", "impact": "Visiting a website may leak sensitive data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "Web Extensions", "rsr": "", "update": "" }, { "available": [ "iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 4th generation and later, iPad 10th generation and later, and iPad mini 6th generation and later" ], "credit": "Florian Draschbacher", "description": "This issue was addressed with improved authentication.", "id": "CVE-2025-24193", "impact": "An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos", "links": [ "https://support.apple.com/en-us/122371" ], "module": "MobileLockdown", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24194", "impact": "Processing maliciously crafted web content may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "libnetcore", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pawe\u0142 P\u0142atek (Trail of Bits)", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2025-24195", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2025-24196", "impact": "An attacker with user privileges may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Rodolphe Brunetti (@eisw0lf) of Lupus Nova", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24197", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Richard Hyunho Im (@richeeta) with routezero.security", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2025-24198", "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Manuel Fernandez (Stackhopper Security)", "description": "An uncontrolled format string issue was addressed with improved input validation.", "id": "CVE-2025-24199", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Bill Marczak of The Citizen Lab at The University of Toronto\u2019s Munk School", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-24200", "impact": "A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.", "links": [ "https://support.apple.com/en-us/122173", "https://support.apple.com/en-us/122174", "https://support.apple.com/en-us/122345", "https://support.apple.com/en-us/122346" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "285858", "credit": "Apple", "description": "An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2025-24201", "impact": "Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.)", "links": [ "https://support.apple.com/en-us/122281", "https://support.apple.com/en-us/122283", "https://support.apple.com/en-us/122284", "https://support.apple.com/en-us/122285", "https://support.apple.com/en-us/122345", "https://support.apple.com/en-us/122346", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122376" ], "module": "WebKit", "rsr": "", "update": "April 9, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-24202", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ian Beer of Google Project Zero", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24203", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Kernel", "rsr": "", "update": "November 11, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Koh M. Nakagawa (@tsunek0h) of FFRI Security, Inc.", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24204", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "YingQi Shi(@Mas0nShi) of DBAppSecurity's WeBin lab and Minghao Lin (@Y1nKoc)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-24205", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-24206", "impact": "An attacker on the local network may be able to bypass authentication policy", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab, \u98ce\u6c90\u4e91\u70df (binary_fmyy) and Minghao Lin (@Y1nKoc)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24207", "impact": "An app may be able to enable iCloud storage features without user consent", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Storage Management", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "286381", "credit": "Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24208", "impact": "Loading a malicious iframe may lead to a cross-site scripting attack", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "286462", "credit": "Francisco Alonso (@revskills), and an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2025-24209", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "A logic error was addressed with improved error handling.", "id": "CVE-2025-24210", "impact": "Parsing an image may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "This issue was addressed with improved memory handling.", "id": "CVE-2025-24211", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-24212", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "286694", "credit": "Google V8 Security Team", "description": "This issue was addressed with improved handling of floats.", "id": "CVE-2025-24213", "impact": "A type confusion issue could lead to memory corruption", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed by not logging contents of text fields.", "id": "CVE-2025-24214", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24215", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "CloudKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "284055", "credit": "Paul Bakker of ParagonERP", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24216", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-24217", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin and FlowerCode, Bohdan Stasiuk (@bohdan_stasiuk)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-24218", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Summarization Services", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24220", "impact": "An app may be able to read a persistent device identifier", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/124148" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Lehan Dilusha (@zafer), and an anonymous researcher", "description": "This issue was addressed with improved data access restriction.", "id": "CVE-2025-24221", "impact": "Sensitive keychain data may be accessible from an iOS backup", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122378" ], "module": "Accounts", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "wac working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24222", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122716" ], "module": "BOM", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "287577", "credit": "rheza (@ginggilBesel), Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto Networks", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24223", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "November 21, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura" ], "credit": "Tony Iskow (@Tybbow)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24224", "impact": "A remote attacker may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124151" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Richard Hyunho Im (@richeeta)", "description": "An injection issue was addressed with improved input validation.", "id": "CVE-2025-24225", "impact": "Processing an email may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405" ], "module": "Mail Addressing", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.2 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24226", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/122380" ], "module": "IDE Assets", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2025-24228", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24229", "impact": "A sandboxed app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2025-24230", "impact": "Playing a malicious audio file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24231", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-24232", "impact": "A malicious app may be able to access arbitrary files", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "NSDocument", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos.", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24233", "impact": "A malicious app may be able to read or write to protected files", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-24234", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AccountPolicy", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dave G. of Supernetworks", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2025-24235", "impact": "A remote attacker may be able to cause unexpected app termination or heap corruption", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Kerberos Helper", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24236", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Yutong Xiu (@Sou1gh0st)", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2025-24237", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "BiometricKit", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-24238", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2025-24239", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2025-24240", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Andreas Hegenberg (folivora.AI GmbH)", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2025-24241", "impact": "An app may be able to trick a user into copying sensitive data to the pasteboard", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Koh M. Nakagawa (@tsunek0h) of FFRI Security, Inc.", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-24242", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/122373" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24243", "impact": "Processing a maliciously crafted file may lead to arbitrary code execution", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24244", "impact": "Processing a maliciously crafted font may result in the disclosure of process memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Ian Mckay (@iann0036)", "description": "This issue was addressed by adding a delay between verification code attempts.", "id": "CVE-2025-24245", "impact": "A malicious app may be able to access a user's saved passwords", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Authentication Services", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Kandji", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2025-24246", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "OpenSSH", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "PixiePoint Security", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2025-24247", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Minghao Lin (@Y1nKoc) and Tong Liu@Lyutoon_ and \u98ce(binary_fmyy) and F00L", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24248", "impact": "An app may be able to enumerate devices that have signed into the user's Apple Account", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "YingQi Shi(@Mas0nShi) of DBAppSecurity's WeBin lab and Minghao Lin (@Y1nKoc)", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24249", "impact": "An app may be able to check the existence of an arbitrary path on the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved access restrictions.", "id": "CVE-2025-24250", "impact": "A malicious app acting as a HTTPS proxy could get access to sensitive user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24251", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-24252", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-24253", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-24254", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A file access issue was addressed with improved input validation.", "id": "CVE-2025-24255", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative, Murray Mike", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-24256", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2025-24257", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "IOGPUFamily", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji, an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24258", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Gregory (wts.dev)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-24259", "impact": "An app may be able to retrieve Safari bookmarks without an entitlement check", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122405" ], "module": "Parental Controls", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "zbleet of QI-ANXIN TianGong Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24260", "impact": "An attacker in a privileged position may be able to perform a denial-of-service", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "smbx", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24261", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "LFY@secsys from Fudan University", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-24262", "impact": "A sandboxed app may be able to access sensitive user data in system logs", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed by moving sensitive data to a protected location.", "id": "CVE-2025-24263", "impact": "An app may be able to observe unprotected user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "StickerKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "285892", "credit": "Gary Kwong, and an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24264", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-24265", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2025-24266", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-24267", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "DiskArbitration", "rsr": "", "update": "May 12, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Alex Radocea of Supernetworks", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-24269", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122373" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-24270", "impact": "An attacker on the local network may be able to leak sensitive user information", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "An access issue was addressed with improved access restrictions.", "id": "CVE-2025-24271", "impact": "An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-24272", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-24273", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An input validation issue was addressed by removing the vulnerable code.", "id": "CVE-2025-24274", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Mobile Device Service", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-24276", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji and Gergely Kalman (@gergely_kalman), and an anonymous researcher", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-24277", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-24278", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved file handling.", "id": "CVE-2025-24279", "impact": "An app may be able to access contacts", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-24280", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Rodolphe BRUNETTI (@eisw0lf)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2025-24281", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "FeedbackLogger", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "A library injection issue was addressed with additional restrictions.", "id": "CVE-2025-24282", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Kirin (@Pwnrin)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-24283", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "Focus", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ivan Fratric of Google Project Zero", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-24855", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122067", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "libxslt", "rsr": "", "update": "May 16, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-26465", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-26466", "impact": "Multiple issues in OpenSSH", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717" ], "module": "OpenSSH", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-27113", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "MFi Program" ], "credit": "Uri Katz (Oligo Security)", "description": "A buffer overflow was addressed with improved input validation.", "id": "CVE-2025-30422", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122403" ], "module": "SDK", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-30424", "impact": "Deleting a conversation in Messages may expose user contact information in system logging", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Photos Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "286580", "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30425", "impact": "A malicious website may be able to track users in Safari private browsing mode", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Jimmy", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-30426", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "285643", "credit": "rheza (@ginggilBesel)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-30427", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Jax Reissner", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30428", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Denis Tokarev (@illusionofcha0s)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-30429", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Dominik Rath", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30430", "impact": "Password autofill may fill in passwords after failing authentication", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "Authentication Services", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael (Biscuit) Thomas - @biscuit@social.lol", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2025-30432", "impact": "A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Andrew James Gonzalez", "description": "This issue was addressed with improved access restrictions.", "id": "CVE-2025-30433", "impact": "A shortcut may be able to access files that are normally inaccessible to the Shortcuts app", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2025-30434", "impact": "Processing a maliciously crafted file may lead to a cross site scripting attack", "links": [ "https://support.apple.com/en-us/122371" ], "module": "Journal", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "K\u5b9d (@Pwnrin) and luckyu (@uuulucky)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-30435", "impact": "A sandboxed app may be able to access sensitive user data in system logs", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India, Chi Yuan Chang of ZUSO ART and taikosoup", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2025-30436", "impact": "An attacker may be able to use Siri to enable Auto-Answer Calls", "links": [ "https://support.apple.com/en-us/122371" ], "module": "Siri", "rsr": "", "update": "May 12, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-30437", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/122373" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Halle Winkler, Politepix theoffcuts.org", "description": "This issue was addressed with improved access restrictions.", "id": "CVE-2025-30438", "impact": "A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Share Sheet", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Andr.Ess", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-30439", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "Focus", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pawe\u0142 P\u0142atek (Trail of Bits)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-30440", "impact": "An app may be able to bypass ASLR", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.2 and later" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30441", "impact": "An app may be able to overwrite arbitrary files", "links": [ "https://support.apple.com/en-us/122380" ], "module": "Instruments", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2025-30442", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bohdan Stasiuk (@bohdan_stasiuk)", "description": "A privacy issue was addressed by removing the vulnerable code.", "id": "CVE-2025-30443", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122716" ], "module": "Found in Apps", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dave G. of Supernetworks", "description": "A race condition was addressed with improved locking.", "id": "CVE-2025-30444", "impact": "Mounting a maliciously crafted SMB network share may lead to system termination", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "SMB", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2025-30445", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-30446", "impact": "A malicious app with root privileges may be able to modify the contents of system files", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "LFY@secsys from Fudan University", "description": "The issue was resolved by sanitizing logging", "id": "CVE-2025-30447", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dayton Pidhirney of Atredis Partners, Lyutoon and YenKoc", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-30448", "impact": "An attacker may be able to turn on sharing of an iCloud folder without authentication", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122721" ], "module": "iCloud Document Sharing", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Arsenii Kostromin (0x3c3e), and an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-30449", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pwn2car", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-30450", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "manpages", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin (@Pwnrin) and luckyu (@uuulucky)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-30451", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-30452", "impact": "An input validation issue was addressed", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji, an anonymous researcher", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2025-30453", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "pattern-f (@pattern_F_)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-30454", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t), and an anonymous researcher", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-30455", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-30456", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-30457", "impact": "A malicious app may be able to create symlinks to protected regions of the disk", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "SystemMigration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-30458", "impact": "An app may be able to read files outside of its sandbox", "links": [ "https://support.apple.com/en-us/122373" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", "id": "CVE-2025-30460", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Automator", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions on the system pasteboards.", "id": "CVE-2025-30461", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pietro Francesco Tirenna, Davide Silvetti, Abdel Adim Oisfi of Shielder (shielder.com)", "description": "A library injection issue was addressed with additional restrictions.", "id": "CVE-2025-30462", "impact": "Apps that appear to use App Sandbox may be able to launch without restrictions", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "mzzzz__", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2025-30463", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373" ], "module": "Handoff", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-30464", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2025-30465", "impact": "A shortcut may be able to access files that are normally inaccessible to the Shortcuts app", "links": [ "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Jaydev Ahire, @RenwaX23", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30466", "impact": "A website may be able to bypass Same Origin Policy", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "Safari", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "@RenwaX23", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-30467", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122379" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Richard Hyunho Im (@richeeta)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30468", "impact": "Private Browsing tabs may be accessed without authentication", "links": [ "https://support.apple.com/en-us/125108" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Dalibor Milanovic", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-30469", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/122371" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "LFY@secsys from Fudan University", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2025-30470", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122378" ], "module": "Maps", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Bing Shi, Wenchao Li, Xiaolong Bai of Alibaba Group, Luyi Xing of Indiana University Bloomington", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2025-30471", "impact": "A remote user may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Alex Radocea and Dave G. of Supernetworks, \u98ce\u6c90\u4e91\u70df(@binary_fmyy) and Minghao Lin(@Y1nKoc)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-31182", "impact": "An app may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin), Bohdan Stasiuk (@bohdan_stasiuk)", "description": "The issue was addressed with improved restriction of data container access.", "id": "CVE-2025-31183", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Alexander Heinrich (@Sn0wfreeze), SEEMOO, TU Darmstadt & Mathy Vanhoef (@vanhoefm) and Jeroen Robben (@RobbenJeroen), DistriNet, KU Leuven", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2025-31184", "impact": "An app may gain unauthorized access to Local Network", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122379" ], "module": "Web Extensions", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Jason Gendron (@gendron_jason), \uc774\uc900\uc131 (Junsung Lee)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31185", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/122066" ], "module": "Safari", "rsr": "", "update": "May 16, 2025" }, { "available": [ "macOS Sequoia 15.2 and later" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31186", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/122380" ], "module": "Playgrounds", "rsr": "", "update": "January 16, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-31187", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2025-31188", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A file quarantine bypass was addressed with additional checks.", "id": "CVE-2025-31189", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Disk Images", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, and an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31191", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Jaydev Ahire", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31192", "impact": "A website may be able to access sensor information without user consent", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122379" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dolf Hoegaerts, Michiel Devliegere", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-31194", "impact": "A Shortcut may run with admin privileges without authentication", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "Shortcuts", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Pedro Jos\u00e9 Pereira Vieito (@pvieito / pvieito.com) and an anonymous researcher", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-31195", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122373" ], "module": "TCC", "rsr": "", "update": "May 12, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "wac working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-31196", "impact": "Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Uri Katz (Oligo Security)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31197", "impact": "An attacker on the local network may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-31198", "impact": "A path handling issue was addressed with improved validation", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "zip", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, Alexia Wilson of Microsoft, Christine Fossaceca of Microsoft", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-31199", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122378", "https://support.apple.com/en-us/125636" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Apple and Google Threat Analysis Group", "description": "A memory corruption issue was addressed with improved bounds checking.", "id": "CVE-2025-31200", "impact": "Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS released before iOS 18.4.1.", "links": [ "https://support.apple.com/en-us/122282", "https://support.apple.com/en-us/122400", "https://support.apple.com/en-us/122401", "https://support.apple.com/en-us/122402", "https://support.apple.com/en-us/122722" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Apple", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-31201", "impact": "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS.", "links": [ "https://support.apple.com/en-us/122282", "https://support.apple.com/en-us/122400", "https://support.apple.com/en-us/122401", "https://support.apple.com/en-us/122402" ], "module": "RPAC", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Uri Katz (Oligo Security)", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2025-31202", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "AirPlay", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Uri Katz (Oligo Security)", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2025-31203", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "CoreUtils", "rsr": "", "update": "April 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "291506", "credit": "Nan Wang(@eternalsakura13)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31204", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "November 21, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "290992", "credit": "Ivan Fratric of Google Project Zero", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31205", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "290834", "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, Xiaojie Wei", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2025-31206", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "November 21, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab, Duy Tr\u1ea7n (@khanhduytran0)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31207", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/122404" ], "module": "FrontBoard", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31208", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-31209", "impact": "Parsing a file may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "CoreGraphics", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Andrew James Gonzalez", "description": "The issue was addressed with improved UI.", "id": "CVE-2025-31210", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31212", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "Core Bluetooth", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin) and 7feilee", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-31213", "impact": "An app may be able to access associated usernames and websites in a user's iCloud Keychain", "links": [ "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone 16e" ], "credit": "\u79e6\u82e5\u6db5, \u5d14\u5fd7\u4f1f, and \u5d14\u5b9d\u6c5f", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31214", "impact": "An attacker in a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/122404" ], "module": "Baseband", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "288814", "credit": "Jiming Wang and Jikai Ren", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31215", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Thibaud Kehler", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31216", "impact": "An attacker with physical access to a device may be able to override managed Wi-Fi profiles", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405" ], "module": "Wi-Fi", "rsr": "", "update": "November 21, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "289677", "credit": "Ignacio Sanmillan (@ulexec)", "description": "The issue was addressed with improved input validation.", "id": "CVE-2025-31217", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Adam M.", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-31218", "impact": "An app may be able to observe the hostnames of new network connections", "links": [ "https://support.apple.com/en-us/122716" ], "module": "NetworkExtension", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Michael DePlante (@izobashi) and Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31219", "impact": "An attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Adam M.", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2025-31220", "impact": "A malicious app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Weather", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dave G.", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2025-31221", "impact": "A remote attacker may be able to leak memory", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Pawe\u0142 P\u0142atek (Trail of Bits)", "description": "A correctness issue was addressed with improved checks.", "id": "CVE-2025-31222", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "289387", "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31223", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31224", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later" ], "credit": "Deval Jariwala", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2025-31225", "impact": "Call history from deleted apps may still appear in spotlight search results", "links": [ "https://support.apple.com/en-us/122404" ], "module": "Call History", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Saagar Jha", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31226", "impact": "Processing a maliciously crafted image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later" ], "credit": "Shehab Khan", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31227", "impact": "An attacker with physical access to a device may be able to access a deleted call recording", "links": [ "https://support.apple.com/en-us/122404" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Andr.Ess", "description": "The issue was addressed with improved authentication.", "id": "CVE-2025-31228", "impact": "An attacker with physical access to a device may be able to access notes from the lock screen", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Wong Wee Xiang", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31229", "impact": "Passcode may be read aloud by VoiceOver", "links": [ "https://support.apple.com/en-us/124147" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31231", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/122373" ], "module": "libnetcore", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31232", "impact": "A sandboxed app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2025-31233", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "CertiK (@CertiK)", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2025-31234", "impact": "An attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721" ], "module": "Pro Res", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dillon Franke working with Google Project Zero", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2025-31235", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Kirin@Pwnrin and LFY@secsys from Fudan University", "description": "An information disclosure issue was addressed with improved privacy controls.", "id": "CVE-2025-31236", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dave G.", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-31237", "impact": "Mounting a maliciously crafted AFP network share may lead to system termination", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "afpfs", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "289653", "credit": "wac working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31238", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-31239", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dave G.", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-31240", "impact": "Mounting a maliciously crafted AFP network share may lead to system termination", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "afpfs", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Christian Kohlsch\u00fctter", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2025-31241", "impact": "A remote attacker may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Eric Dorphy of Twin Cities App Dev LLC", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-31242", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "StoreKit", "rsr": "", "update": "November 21, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31243", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A file quarantine bypass was addressed with additional checks.", "id": "CVE-2025-31244", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122716" ], "module": "quarantine", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "wac", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-31245", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721" ], "module": "Pro Res", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31246", "impact": "Connecting to a malicious AFP server may corrupt kernel memory", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717" ], "module": "afpfs", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2025-31247", "impact": "An attacker may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-31248", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122716" ], "module": "UserAccountUpdater", "rsr": "", "update": "November 21, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Ryan Dowd (@_rdowd)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-31249", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Noah Gregory (wts.dev)", "description": "An information disclosure issue was addressed with improved privacy controls.", "id": "CVE-2025-31250", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved input sanitization.", "id": "CVE-2025-31251", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122717", "https://support.apple.com/en-us/122718", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "AppleJPEG", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Dalibor Milanovic", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31253", "impact": "Muting the microphone during a FaceTime call may not result in audio being silenced", "links": [ "https://support.apple.com/en-us/122404" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "credit": "Evan Waelde", "description": "This issue was addressed with improved URL validation.", "id": "CVE-2025-31254", "impact": "Processing maliciously crafted web content may lead to unexpected URL redirection", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125113" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-31255", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125116" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Sourabhkumar Mishra", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-31256", "impact": "Hot corner may unexpectedly reveal a user\u2019s deleted notes", "links": [ "https://support.apple.com/en-us/122716" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "290985", "credit": "Juergen Schmied of Lynck GmbH", "description": "This issue was addressed with improved memory handling.", "id": "CVE-2025-31257", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-31258", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/122716" ], "module": "RemoteViewServices", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed with improved checks.", "id": "CVE-2025-31259", "impact": "An app may be able to capture a screenshot of an app entering or exiting full screen mode", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Screenshots", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Thomas V\u00f6lkl (@vollkorntomate), SEEMOO, TU Darmstadt", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31260", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/122716" ], "module": "Apple Intelligence Reports", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-31261", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "StorageKit", "rsr": "", "update": "May 28, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31262", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/122066", "https://support.apple.com/en-us/122068", "https://support.apple.com/en-us/122071", "https://support.apple.com/en-us/122072", "https://support.apple.com/en-us/122073" ], "module": "PackageKit", "rsr": "", "update": "May 16, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31263", "impact": "An app may be able to corrupt coprocessor memory", "links": [ "https://support.apple.com/en-us/122373" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Diamant Osmani & Valdrin Haliti [Kosov\u00eb], dbpeppe, Solitechworld", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-31264", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375" ], "module": "macOS Recovery", "rsr": "", "update": "May 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "@RenwaX23", "description": "A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name", "id": "CVE-2025-31266", "impact": "A website may be able to spoof the domain name in the title of a pop-up window", "links": [ "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122719" ], "module": "Safari", "rsr": "", "update": "November 21, 2025" }, { "available": [ "iOS 17.0 and iPadOS 17.0 and later" ], "credit": "Adam Sot\u00e1k, Tim Kl\u00f6\u00df", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-31267", "impact": "An attacker with physical access to an unlocked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/123356" ], "module": "App Store Connect", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31268", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Apple Online Store Kit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sonoma" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31269", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125112" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31270", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Shantanu Thakur", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31271", "impact": "Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications disabled on the lock screen", "links": [ "https://support.apple.com/en-us/125110" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "293579", "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31273", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Dora Orak", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31275", "impact": "A sandboxed process may be able to launch any installed app", "links": [ "https://support.apple.com/en-us/124149" ], "module": "MediaRemote", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Himanshu Bharti (@Xpl0itme)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-31276", "impact": "Remote content may be loaded even when the 'Load Remote Images' setting is turned off", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148" ], "module": "Mail Drafts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "291745", "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31277", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "291742", "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-31278", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dawuge of Shuffle Team", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-31279", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "A memory corruption issue was addressed with improved validation.", "id": "CVE-2025-31280", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An input validation issue was addressed with improved memory handling.", "id": "CVE-2025-31281", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-32462", "impact": "In certain configurations, an attacker with host-limited sudo access may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/125634" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-40909", "impact": "Multiple issues in Perl", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Perl", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2025-43184", "impact": "A shortcut may be able to bypass sensitive Shortcuts app settings", "links": [ "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2025-43185", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43186", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "afclip", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u98ce\u6c90\u4e91\u70df (@binary_fmyy) and Minghao Lin (@Y1nKoc)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43187", "impact": "Running an hdiutil command may unexpectedly execute arbitrary code", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Disk Images", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43188", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved memory handling.", "id": "CVE-2025-43189", "impact": "A malicious app may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "WebContentFilter", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Noah Gregory (wts.dev)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43190", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Spell Check", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Ryan Dowd (@_rdowd)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43191", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Pyrophoria", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2025-43192", "impact": "Account-driven User Enrollment may still be possible with Lockdown Mode turned on", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "Managed Configuration", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dawuge of Shuffle Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43193", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "SecurityAgent", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43194", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u98ce\u6c90\u4e91\u70df (@binary_fmyy) and Minghao Lin (@Y1nKoc)", "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", "id": "CVE-2025-43195", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43196", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Shang-De Jiang and Kazma Ye of CyCraft Technology", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43197", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Single Sign-On", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43198", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Gergely Kalman (@gergely_kalman), an anonymous researcher", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43199", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Core Services", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Apple", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43200", "impact": "A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.", "links": [ "https://support.apple.com/en-us/122173", "https://support.apple.com/en-us/122174", "https://support.apple.com/en-us/122345", "https://support.apple.com/en-us/122346", "https://support.apple.com/en-us/122900", "https://support.apple.com/en-us/122901", "https://support.apple.com/en-us/122902", "https://support.apple.com/en-us/122903", "https://support.apple.com/en-us/122904" ], "module": "Messages", "rsr": "", "update": "June 11, 2025" }, { "available": [ "Android version 9.0 and later" ], "credit": "Pankaj Kumar Thakur (linkedin.com/in/pankaj1261/)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43201", "impact": "An app may be able to unexpectedly leak a user's credentials", "links": [ "https://support.apple.com/en-us/124156" ], "module": "Apple Music Classical", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Brian Carpenter", "description": "This issue was addressed with improved memory handling.", "id": "CVE-2025-43202", "impact": "Processing a file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149" ], "module": "libnetcore", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Tom Brzezinski", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43203", "impact": "An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "@zlluny, Mickey Jin (@patch1t)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43204", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125110" ], "module": "RemoteViewServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43205", "impact": "An app may be able to bypass ASLR", "links": [ "https://support.apple.com/en-us/122371", "https://support.apple.com/en-us/122372", "https://support.apple.com/en-us/122373", "https://support.apple.com/en-us/122374", "https://support.apple.com/en-us/122375", "https://support.apple.com/en-us/122376", "https://support.apple.com/en-us/122377", "https://support.apple.com/en-us/122378" ], "module": "Audio", "rsr": "", "update": "July 29, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43206", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Rodolphe Brunetti (@eisw0lf) of Lupus Nova, an anonymous researcher", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2025-43207", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Music", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji, Kirin (@Pwnrin)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43208", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/125110" ], "module": "AirPort", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Gary Kwong working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43209", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "ICU", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43210", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "293730", "credit": "Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43211", "impact": "Processing web content may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "293197", "credit": "Nan Wang (@eternalsakura13) and Ziling Chen", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43212", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "292621", "credit": "Google V8 Security Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43213", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "292599", "credit": "shandikri working with Trend Micro Zero Day Initiative, Google V8 Security Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43214", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43215", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "295382", "credit": "Ignacio Sanmillan (@ulexec)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43216", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Himanshu Bharti (@Xpl0itme)", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43217", "impact": "Privacy Indicators for microphone or camera access may not be correctly displayed", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43218", "impact": "Processing a maliciously crafted USD file may disclose memory contents", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43219", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43220", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "copyfile", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43221", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A use-after-free issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43222", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2025-43223", "impact": "A non-privileged user may be able to modify restricted network settings", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43224", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Kirin (@Pwnrin)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43225", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43226", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "292888", "credit": "Gilad Moav, Yehuda Afek, Anat Bremler-Barr, and Amit Klein", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43227", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "October 15, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Ventura and macOS Sonoma" ], "bugzilla": "294374", "credit": "Jaydev Ahire", "description": "The issue was addressed with improved UI.", "id": "CVE-2025-43228", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124152" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "285927", "credit": "Martin Bajanik of Fingerprint, Ammar Askar", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43229", "impact": "Processing maliciously crafted web content may lead to universal cross site scripting", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Chi Yuan Chang of ZUSO ART and taikosoup", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2025-43230", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "CoreMedia Playback", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t), Kirin@Pwnrin and LFY@secsys from Fudan University, an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43231", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125112" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Koh M. Nakagawa (@tsunek0h), Csaba Fitzl (@theevilbit) of Kandji and Gergely Kalman (@gergely_kalman)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43232", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "This issue was addressed with improved access restrictions.", "id": "CVE-2025-43233", "impact": "A malicious app acting as a HTTPS proxy could get access to sensitive user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "Vlad Stolyarov of Google's Threat Analysis Group", "description": "Multiple memory corruption issues were addressed with improved input validation.", "id": "CVE-2025-43234", "impact": "Processing a maliciously crafted texture may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "Metal", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Dawuge of Shuffle Team", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43235", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Dawuge of Shuffle Team", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2025-43236", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-43237", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124149" ], "module": "WebContentFilter", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2025-43238", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Xsan", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Nikolai Skliarenko of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43239", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "293994", "credit": "Syarif Muhammad Sajjad", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43240", "impact": "A download's origin may be incorrectly associated", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43241", "impact": "An app may be able to read files outside of its sandbox", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Keith Yeo (@kyeojy) from Team Orca of Sea Security, Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43243", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Software Update", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "ABC Research s.r.o.", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2025-43244", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2025-43245", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43246", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43247", "impact": "A malicious app with root privileges may be able to modify the contents of system files", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2025-43248", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43249", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Mickey Jin (@patch1t), Yuebin Sun (@yuebinsun2020)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43250", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-43251", "impact": "A local attacker may gain access to Keychain items", "links": [ "https://support.apple.com/en-us/124149" ], "module": "User Management", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2025-43252", "impact": "A website may be able to access sensitive user data when resolving symlinks", "links": [ "https://support.apple.com/en-us/124149" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Noah Gregory (wts.dev)", "description": "This issue was addressed with improved input validation.", "id": "CVE-2025-43253", "impact": "A malicious app may be able to launch arbitrary binaries on a trusted device", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "2ourc3 | Salim Largo", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43254", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "file", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43255", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "GPU Drivers", "rsr": "", "update": "August 28, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43256", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-43257", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Archive Utility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Martti H\u00fctt", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-43259", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2025-43260", "impact": "An app may be able to hijack entitlements granted to other privileged apps", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43261", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Pyrophoria, an anonymous researcher of GrapheneOS, James J Kalafus, Michel Migdal, ken super", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43262", "impact": "USB Restricted Mode may not be applied to accessories connected during boot", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Trusted Device", "rsr": "", "update": "November 3, 2025" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43263", "impact": "An app may be able to read and write files outside of its sandbox", "links": [ "https://support.apple.com/en-us/125117" ], "module": "IDE CoreML", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43264", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "294182", "credit": "HexRabbit (@h3xr4bb1t) from DEVCORE Research Team", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43265", "impact": "Processing maliciously crafted web content may disclose internal states of the app", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Noah Gregory (wts.dev)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43266", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "NSSpellChecker", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Mickey Jin (@patch1t)", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2025-43267", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Directory Utility", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Gergely Kalman (@gergely_kalman), Arsenii Kostromin (0x3c3e)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43268", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Minghao Lin and Jiaxun Zhu", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43270", "impact": "An app may gain unauthorized access to Local Network", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "Notes", "rsr": "", "update": "October 15, 2025" }, { "available": [ "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "294550", "credit": "Big Bear", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43272", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Seo Hyun-gyu (@wh1te4ever), Minghao Lin (@Y1nKoc), \u98ce (binaryfmyy), BochengXiang(@Crispr), and YingQi Shi (@Mas0nShi), Dora Orak", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43273", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/125112" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "an anonymous researcher, Hikerell of Loadshine Lab, @zlluny", "description": "A privacy issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43274", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/124149" ], "module": "RemoteViewServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A race condition was addressed with additional validation.", "id": "CVE-2025-43275", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "NetAuth", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia" ], "credit": "Willey Lin", "description": "A logic error was addressed with improved error handling.", "id": "CVE-2025-43276", "impact": "iCloud Private Relay may not activate when more than one user is logged in at the same time", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google's Threat Analysis Group", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43277", "impact": "Processing a maliciously crafted audio file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155", "https://support.apple.com/en-us/125112" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-43279", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Himanshu Bharti @Xpl0itme", "description": "The issue was resolved by not loading remote images", "id": "CVE-2025-43280", "impact": "Forwarding an email could display remote images in Mail in Lockdown Mode", "links": [ "https://support.apple.com/en-us/124147" ], "module": "Mail Drafts", "rsr": "", "update": "October 15, 2025" }, { "available": [ "macOS Sequoia" ], "credit": "MRHAX, Aditya Rana", "description": "The issue was addressed with improved authentication.", "id": "CVE-2025-43281", "impact": "A local attacker may be able to elevate their privileges", "links": [ "https://support.apple.com/en-us/124149" ], "module": "Application Firewall", "rsr": "", "update": "October 15, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Christian Kohlsch\u00fctter", "description": "A double free issue was addressed with improved memory management.", "id": "CVE-2025-43282", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "Kernel", "rsr": "", "update": "October 15, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43283", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125110" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43284", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "GPU Drivers", "rsr": "", "update": "August 28, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Zhongquan Li (@Guluisacat), Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43285", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "pattern-f (@pattern_F_), @zlluny", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43286", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha) of SSA Lab, Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43287", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/125110" ], "module": "ImageIO", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43288", "impact": "An app may be able to bypass Privacy preferences", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111" ], "module": "Archive Utility", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Ye Zhang of Baidu Security", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43291", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia" ], "credit": "Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2025-43292", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125635" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved input validation.", "id": "CVE-2025-43293", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", "id": "CVE-2025-43294", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125639" ], "module": "MallocStackLogging", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Nathaniel Oh (@calysteon)", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2025-43295", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Ferdous Saljooki (@malwarezoo) of Jamf", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-43296", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/125110" ], "module": "System Settings", "rsr": "", "update": "October 9, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Dawuge of Shuffle Team", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2025-43297", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Power Management", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43298", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Nathaniel Oh (@calysteon)", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2025-43299", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "libc", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "Apple", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-43300", "impact": "Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.", "links": [ "https://support.apple.com/en-us/124925", "https://support.apple.com/en-us/124926", "https://support.apple.com/en-us/124927", "https://support.apple.com/en-us/124928", "https://support.apple.com/en-us/124929", "https://support.apple.com/en-us/125141", "https://support.apple.com/en-us/125142" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "LFY@secsys from Fudan University", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-43301", "impact": "An app may be able to access contact info related to notifications in Notification Center", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Keisuke Hosoda", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-43302", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43303", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2025-43304", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher, Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43305", "impact": "A malicious app may be able to access private information", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Dawuge of Shuffle Team", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2025-43307", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro (13-inch, M1, 2020 and M2, 2022)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43308", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Touch Bar Controls", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43309", "impact": "An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen", "links": [ "https://support.apple.com/en-us/125108" ], "module": "Notifications", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2025-43310", "impact": "An app may be able to trick a user into copying sensitive data to the pasteboard", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro (13-inch, M1, 2020 and M2, 2022)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Justin Elliot Fu, an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43311", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Touch Bar", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "ABC Research s.r.o.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2025-43312", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "AMD", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "\u98ce\u6c90\u4e91\u70df@binary_fmyy", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2025-43313", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124151" ], "module": "CoreServices", "rsr": "", "update": "October 15, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43314", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Rodolphe Brunetti (@eisw0lf) of Lupus Nova", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43315", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "MigrationKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji, an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43316", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125115" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43317", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43318", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Hikerell (Loadshine Lab)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43319", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "MediaLibrary", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia" ], "credit": "Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43320", "impact": "An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125887" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Pro (2019), iMac (27-inch, 2020), MacBook Pro (16-inch, 2019), and MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was resolved by blocking unsigned services from launching on Intel Macs.", "id": "CVE-2025-43321", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "AppKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Ryan Dowd (@_rdowd)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43322", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Yinyi Wu (@_3ndy1) from Dawn Security Lab of JD.com, Inc", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43323", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "CloudKit", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43325", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Icons", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Wang Yu of Cyberserval", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43326", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sonoma and macOS Sequoia" ], "credit": "@RenwaX23", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43327", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43328", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43329", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125116" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia" ], "credit": "Bilal Siddiqui", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43330", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Mickey Jin (@patch1t), Kirin (@Pwnrin), Claudio Bozzato and Francesco Benvenuto of Cisco Talos", "description": "A downgrade issue was addressed with additional code-signing restrictions.", "id": "CVE-2025-43331", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A file quarantine bypass was addressed with additional checks.", "id": "CVE-2025-43332", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Security Initialization", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43333", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125110" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43334", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43335", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43336", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia" ], "credit": "Csaba Fitzl (@theevilbit) and Nolan Astrein of Kandji", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43337", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125635" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha) of SSA Lab", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43338", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125636" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43340", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125110" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43341", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125112" ], "module": "Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "296042", "credit": "an anonymous researcher", "description": "A correctness issue was addressed with improved checks.", "id": "CVE-2025-43342", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "296490", "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43343", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (2nd generation and later)", "Apple Vision Pro", "Apple Watch Series 9 and later, Apple Watch SE 2nd generation, Apple Watch Ultra (all models)", "Mac Studio (2022 and later), iMac (2021 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), and MacBook Pro with Apple silicon (2020 and later), Mac Pro (2023)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43344", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "A correctness issue was addressed with improved checks.", "id": "CVE-2025-43345", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Kernel", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43346", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "JZ, Seo Hyun-gyu (@wh1te4ever), Luke Roberts (@rookuu)", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43347", "impact": "An input validation issue was addressed", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "System", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Ferdous Saljooki (@malwarezoo) of Jamf", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-43348", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Finder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "@zlluny working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2025-43349", "impact": "Processing a maliciously crafted video file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Lukaah Marlowe", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43350", "impact": "An attacker may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Control Center", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43351", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sequoia", "macOS Sonoma" ], "credit": "Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-43353", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Libinfo", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43354", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Dawuge of Shuffle Team", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2025-43355", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "MobileStorageMounter", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "296153", "credit": "Jaydev Ahire", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43356", "impact": "A website may be able to access sensor information without user consent", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Rosyna Keller of Totally Not Malicious Software, Guilherme Rambo of Best Buddy Apps (rambo.codes)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-43357", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110" ], "module": "Call History", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "\uc815\ub2f5\uc774 \uc544\ub2cc \ud574\ub2f5", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43358", "impact": "A shortcut may be able to bypass sandbox restrictions", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Viktor Oreshkin", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2025-43359", "impact": "A UDP server socket bound to a local interface may become bound to all interfaces", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Nikita Sakalouski", "description": "The issue was addressed with improved UI.", "id": "CVE-2025-43360", "impact": "Password fields may be unintentionally revealed", "links": [ "https://support.apple.com/en-us/125108" ], "module": "Authentication Services", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma" ], "credit": "Michael Reeves (@IntegralPilot)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43361", "impact": "A malicious app may be able to read kernel memory", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Philipp Baldauf", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43362", "impact": "An app may be able to monitor keystrokes without user permission", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125109" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A race condition was addressed with additional validation.", "id": "CVE-2025-43364", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125111", "https://support.apple.com/en-us/125112", "https://support.apple.com/en-us/125634" ], "module": "NetFSFramework", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Minghao Lin (@Y1nKoc) and Lyutoon (@Lyutoon_) and YingQi Shi (@Mas0n)", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2025-43365", "impact": "An unprivileged process may be able to terminate a root processes", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125633" ], "module": "MetricKit", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "Ye Zhang (@VAR10CK) of Baidu Security", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43366", "impact": "An app may be able to disclose coprocessor memory", "links": [ "https://support.apple.com/en-us/125110" ], "module": "IOMobileFrameBuffer", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "macOS Sonoma" ], "credit": "Kirin (@Pwnrin), Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", "description": "A privacy issue was addressed by moving sensitive data.", "id": "CVE-2025-43367", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125112" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "296276", "credit": "Pawel Wylecial of REDTEAM.PL working with Trend Micro Zero Day Initiative, Ignacio Sanmillan (@ulexec)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43368", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113" ], "module": "WebKit Process Model", "rsr": "", "update": "November 3, 2025" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)" ], "credit": "an anonymous researcher", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-43369", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125110" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Nathaniel Oh (@calysteon)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43370", "impact": "Processing an overly large path value may crash a process", "links": [ "https://support.apple.com/en-us/125117" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43371", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125117" ], "module": "Xcode", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma" ], "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha) of SSA Lab", "description": "The issue was addressed with improved input validation.", "id": "CVE-2025-43372", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116", "https://support.apple.com/en-us/125636" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Wang Yu of Cyberserval", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43373", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura" ], "credit": "jioundai of 360 Vulnerability Research Institute, chen fengjiao of HBC", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43374", "impact": "An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory", "links": [ "https://support.apple.com/en-us/122069", "https://support.apple.com/en-us/122070", "https://support.apple.com/en-us/122404", "https://support.apple.com/en-us/122405", "https://support.apple.com/en-us/122716", "https://support.apple.com/en-us/122720", "https://support.apple.com/en-us/122721", "https://support.apple.com/en-us/122722" ], "module": "Wi-Fi", "rsr": "", "update": "November 21, 2025" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43375", "impact": "Processing an overly large path value may crash a process", "links": [ "https://support.apple.com/en-us/125117" ], "module": "Dev Tools", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "295943", "credit": "Mike Cardwell of grepular.com, Bob Lord", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2025-43376", "impact": "A remote attacker may be able to view leaked DNS queries with Private Relay turned on", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "November 3, 2025" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "BynarIO AI (bynar.io)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2025-43377", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43378", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43379", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Nikolai Skliarenko of Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2025-43380", "impact": "Parsing a file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "sips", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-43381", "impact": "A malicious app may be able to delete protected user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "CoreServicesUIAgent", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43382", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43383", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43384", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43385", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43386", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43387", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "DiskArbitration", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2025-43388", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43389", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125638" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2025-43390", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2025-43391", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "297566", "credit": "Tom Van Goethem", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43392", "impact": "A website may exfiltrate image data cross-origin", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit Canvas", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43393", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125634" ], "module": "quarantine", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-43394", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "bootp", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2025-43395", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "configd", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43396", "impact": "A sandboxed app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43397", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "SoftwareUpdate", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Cristian Dinca (icmd.tech)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43398", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin), Cristian Dinca (icmd.tech)", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2025-43399", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Apple", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2025-43400", "impact": "Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125326", "https://support.apple.com/en-us/125327", "https://support.apple.com/en-us/125328", "https://support.apple.com/en-us/125329", "https://support.apple.com/en-us/125330", "https://support.apple.com/en-us/125338", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125639" ], "module": "FontParser", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha of BoB 14th), wac working with Trend Micro Zero Day Initiative", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2025-43401", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "@cloudlldb of @pixiepointsec", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43402", "impact": "An app may be able to cause unexpected system termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125634" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43404", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43405", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Zhongquan Li (@Guluisacat)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2025-43406", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "JZ", "description": "This issue was addressed with improved entitlements.", "id": "CVE-2025-43407", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Vivek Dhar, ASI (RM) in Border Security Force, FTR HQ BSF Kashmir", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2025-43408", "impact": "An attacker with physical access may be able to access contacts from the lock screen", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Share Sheet", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher, Kirin (@Pwnrin), Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43409", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Atul R V", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43410", "impact": "An attacker with physical access may be able to view deleted notes", "links": [ "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125886" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43411", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A file quarantine bypass was addressed with additional checks.", "id": "CVE-2025-43412", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Dave G. and Alex Radocea of supernetworks.org", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43413", "impact": "A sandboxed app may be able to observe system-wide network connections", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with improved validation.", "id": "CVE-2025-43414", "impact": "A shortcut may be able to access files that are normally inaccessible to the Shortcuts app", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2025-43416", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "sudo", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Ron Elemans", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2025-43417", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125886" ], "module": "File Bookmark", "rsr": "", "update": "February 11, 2026" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Dalibor Milanovic", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2025-43418", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia" ], "bugzilla": "293895", "credit": "Ignacio Sanmillan (@ulexec)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43419", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125113", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "WebKit", "rsr": "", "update": "November 3, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Rodolphe BRUNETTI (@eisw0lf) of Lupus Nova", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2025-43420", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Dock", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "300718", "credit": "Nan Wang (@eternalsakura13)", "description": "Multiple issues were addressed by disabling array allocation sinking.", "id": "CVE-2025-43421", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later" ], "credit": "Will Caine", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43422", "impact": "An attacker with physical access to a device may be able to disable Stolen Device Protection", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Stolen Device Protection", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Duy Tr\u1ea7n (@khanhduytran0)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43423", "impact": "An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125638" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-43424", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298851", "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43425", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), Kirin (@Pwnrin) and LFY (@secsys) from Fudan University", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43426", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634" ], "module": "Contacts", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298628", "credit": "Gary Kwong, rheza (@ginggilBesel)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43427", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "an anonymous researcher, Michael Schmutzer of Technische Hochschule Ingolstadt", "description": "A configuration issue was addressed with additional restrictions.", "id": "CVE-2025-43428", "impact": "Photos in the Hidden Photos Album may be viewed without authentication", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125891" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298232", "credit": "Google Big Sleep", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2025-43429", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298196", "credit": "Google Big Sleep", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43430", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298194", "credit": "Google Big Sleep", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43431", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "299313", "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43432", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298093", "credit": "Google Big Sleep", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43433", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "297958", "credit": "Google Big Sleep", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43434", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "299391", "credit": "Justin Cohen of Google", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43435", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43436", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "An information disclosure issue was addressed with improved privacy controls.", "id": "CVE-2025-43437", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Managed Configuration", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "297662", "credit": "rheza (@ginggilBesel), shandikri working with Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43438", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2025-43439", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125638" ], "module": "On-device Intelligence", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298126", "credit": "Nan Wang (@eternalsakura13)", "description": "This issue was addressed with improved checks", "id": "CVE-2025-43440", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298496", "credit": "rheza (@ginggilBesel)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43441", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43442", "impact": "An app may be able to identify what other apps a user has installed", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "299843", "credit": "an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43443", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43444", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43445", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "CoreText", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team of ByteDance", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43446", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Assets", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 9 and later, Apple Watch SE 2nd generation, Apple Watch Ultra (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43447", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Hikerell (Loadshine Lab)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43448", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "CloudKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43449", "impact": "A malicious app may be able to track users between installs", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Apple TV Remote", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Dennis Briner", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43450", "impact": "An app may be able to learn information about the current camera view before being granted camera access", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633" ], "module": "Camera", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Thomas Salomon, Sufiyan Gouri (TU Darmstadt), Phil Scott (@MrPeriPeri) & Richard Hyunho Im (@richeeta), Mark Bowers, Joey Hewitt, Dylan Rollins, Arthur Baudoin, an anonymous researcher, Andr.Ess, Mikael Kinnman", "description": "This issue was addressed by restricting options offered on a locked device.", "id": "CVE-2025-43452", "impact": "Keyboard suggestions may display sensitive information on the lock screen", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Text Input", "rsr": "", "update": "December 12, 2025" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Joshua Thomas", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43454", "impact": "A device may persistently fail to lock", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Ron Masas of BreakPoint.SH, Pinak Oza", "description": "A privacy issue was addressed with improved checks.", "id": "CVE-2025-43455", "impact": "A malicious app may be able to take a screenshot of sensitive information in embedded views", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Apple Account", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "298606", "credit": "Gary Kwong, Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43457", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "296693", "credit": "Phil Beauvoir", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-43458", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later" ], "credit": "Dalibor Milanovic", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2025-43459", "impact": "An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail", "links": [ "https://support.apple.com/en-us/125639" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Isaiah Wan", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43460", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/125632" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Kandji", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2025-43461", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "configd", "rsr": "", "update": "" }, { "available": [ "Apple TV 4K (2nd generation and later)", "Apple Vision Pro (all models)", "Apple Watch Series 9 and later, Apple Watch SE 2nd generation, Apple Watch Ultra (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43462", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Apple Neural Engine", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t), Amy (@asentientbot)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43463", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Duy Tr\u1ea7n (@khanhduytran0), @EthanArbuckle", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2025-43464", "impact": "Visiting a website may lead to an app denial-of-service", "links": [ "https://support.apple.com/en-us/125634" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2025-43465", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "ATS", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2025-43466", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43467", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2025-43468", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43469", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "NSSpellChecker", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kenneth Chew", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43470", "impact": "A standard user may be able to view files made from a disk image belonging to an administrator", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Disk Images", "rsr": "", "update": "December 12, 2025" }, { "available": [ "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43471", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Morris Richman (@morrisinlife)", "description": "A validation issue was addressed with improved input sanitization.", "id": "CVE-2025-43472", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "zsh", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved state management.", "id": "CVE-2025-43473", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Murray Mike", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-43474", "impact": "An app may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43475", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125884" ], "module": "MediaExperience", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43476", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "SharedFileList", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-43477", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL, Dave G. (supernetworks.org)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2025-43478", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "ASP TCP", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43479", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "276208", "credit": "Aleksejs Popovs", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43480", "impact": "A malicious website may exfiltrate data cross-origin", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Adwiteeya Agrawal, Mickey Jin (@patch1t), and an anonymous researcher", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43481", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635" ], "module": "Disk Images", "rsr": "", "update": "December 12, 2025" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Jex Amro, Michael Reeves (@IntegralPilot)", "description": "The issue was addressed with improved input validation.", "id": "CVE-2025-43482", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "@RenwaX23", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43493", "impact": "Visiting a malicious website may lead to address bar spoofing", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125640" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Taavi Eom\u00e4e of Zone Media (zone.ee)", "description": "A mail header parsing issue was addressed with improved checks.", "id": "CVE-2025-43494", "impact": "An attacker may be able to cause a persistent denial-of-service", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Mail", "rsr": "", "update": "December 12, 2025" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "bugzilla": "300095", "credit": "Lehan Dilusha Jayasinghe", "description": "The issue was addressed with improved checks.", "id": "CVE-2025-43495", "impact": "An app may be able to monitor keystrokes without user permission", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Romain Lebesle, Himanshu Bharti @Xpl0itme From Khatima", "description": "The issue was addressed by adding additional logic.", "id": "CVE-2025-43496", "impact": "Remote content may be loaded even when the 'Load Remote Images' setting is turned off", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43497", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125634" ], "module": "BackBoardServices", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "pattern-f (@pattern_F_)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-43498", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125638" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-43499", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Stanislav Jelezoglo", "description": "A privacy issue was addressed with improved handling of user preferences.", "id": "CVE-2025-43500", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "301371", "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2025-43501", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2025-43502", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125640" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "@RenwaX23", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2025-43503", "impact": "Visiting a malicious website may lead to user interface spoofing", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639", "https://support.apple.com/en-us/125640" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Nathaniel Oh (@calysteon)", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2025-43504", "impact": "A user in a privileged network position may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125641" ], "module": "lldb", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "Nathaniel Oh (@calysteon)", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2025-43505", "impact": "Processing a maliciously crafted file may lead to heap corruption", "links": [ "https://support.apple.com/en-us/125641" ], "module": "GNU", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Doug Hogan", "description": "A logic error was addressed with improved error handling.", "id": "CVE-2025-43506", "impact": "iCloud Private Relay may not activate when more than one user is logged in at the same time", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Networking", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "iisBuri", "description": "A privacy issue was addressed by moving sensitive data.", "id": "CVE-2025-43507", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Find My", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43508", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Phone", "rsr": "", "update": "January 16, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Haoling Zhou, Shixuan Zhao (@NSKernel), Chao Wang (@evi0s), Zhiqiang Lin from SecLab of The Ohio State University", "description": "This issue was addressed with improved data protection.", "id": "CVE-2025-43509", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Networking", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved lock state checking.", "id": "CVE-2025-43510", "impact": "A malicious application may cause unexpected changes in memory shared between processes", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Kernel", "rsr": "", "update": "December 12, 2025" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "300926", "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha of BoB 14th)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43511", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit Web Inspector", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43512", "impact": "An app may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2025-43513", "impact": "An app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "MDM Configuration Tools", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Morris Richman (@morrisinlife)", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-43514", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125886" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "CodeColorist and Pedro T\u00f4rres(@t0rr3sp3dr0)", "description": "The issue was addressed by refusing external connections by default.", "id": "CVE-2025-43515", "impact": "An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code", "links": [ "https://support.apple.com/en-us/125693" ], "module": "Compressor", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kay Belardinelli (Harvard University)", "description": "A session management issue was addressed with improved checks.", "id": "CVE-2025-43516", "impact": "A user with Voice Control enabled may be able to transcribe another user's activity", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2025-43517", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Call History", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Noah Gregory (wts.dev)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-43518", "impact": "An app may be able to inappropriately access files through the spellcheck API", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125890" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43519", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Apple", "description": "A memory corruption issue was addressed with improved memory handling.", "id": "CVE-2025-43520", "impact": "A malicious application may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125633", "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636", "https://support.apple.com/en-us/125637", "https://support.apple.com/en-us/125638", "https://support.apple.com/en-us/125639" ], "module": "Kernel", "rsr": "", "update": "December 12, 2025" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2025-43521", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2025-43522", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43523", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "This issue was addressed with improved URL validation.", "id": "CVE-2025-43526", "impact": "On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125892" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-43527", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "302502", "credit": "Google Threat Analysis Group", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43529", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2025-43530", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "Settings", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "301940", "credit": "Phil Pizlo of Epic Games", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2025-43531", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andrew Calvano and Lucas Pinheiro of Meta Product Security", "description": "A memory corruption issue was addressed with improved bounds checking.", "id": "CVE-2025-43532", "impact": "Processing malicious data may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-43533", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "iG0x72 and JJ of XiguaSec, Lehan Dilusha Jayasinghe", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43534", "impact": "A user with physical access to an iOS device may be able to bypass Activation Lock", "links": [ "https://support.apple.com/en-us/125884" ], "module": "iTunes Store", "rsr": "", "update": "March 24, 2026" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "300774", "credit": "Google Big Sleep, Nan Wang (@eternalsakura13)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43535", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "January 9, 2026" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "301726", "credit": "Nan Wang (@eternalsakura13)", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2025-43536", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "piffz, Daniel Nurkin, Al Sadman Awal, Mohamed Hamdadou & Mahran Alhazmi, Hichem Maloufi, Christian Mina, Gerson Aldaz, qwerty j0y & Ricardo Garcia, Dorian Del Valle", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43537", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/125884" ], "module": "Books", "rsr": "", "update": "February 11, 2026, updated March 24, 2026" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Tahoe" ], "credit": "Iv\u00e1n Savransky", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-43538", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Screen Time", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Michael Reeves (@IntegralPilot)", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-43539", "impact": "Processing a file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "AppleJPEG", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "301257", "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative", "description": "A type confusion issue was addressed with improved state handling.", "id": "CVE-2025-43541", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Yi\u011fit Ocak", "description": "This issue was addressed with improved state management.", "id": "CVE-2025-43542", "impact": "Password fields may be unintentionally revealed when remotely controlling a device over FaceTime", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125891" ], "module": "FaceTime", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "An information disclosure issue was addressed with improved privacy controls.", "id": "CVE-2025-46276", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2025-46277", "impact": "An app may be able to access a user\u2019s Safari history", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125890" ], "module": "Screen Time", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kirin (@Pwnrin) and LFY (@secsys) of Fudan University", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2025-46278", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125886" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Duy Tr\u1ea7n (@khanhduytran0)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-46279", "impact": "An app may be able to identify what other apps a user has installed", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Icons", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-46281", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/125886" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "295941", "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", "description": "The issue was addressed with additional permissions checks.", "id": "CVE-2025-46282", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-46283", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125886" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kaitao Xie and Xiaolong Bai of Alibaba Group", "description": "An integer overflow was addressed by adopting 64-bit timestamps.", "id": "CVE-2025-46285", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later" ], "credit": "Andrei Simion", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-46286", "impact": "Restoring from a backup may prevent passcode from being required immediately after Face ID enrollment", "links": [ "https://support.apple.com/en-us/125884" ], "module": "BiometricKit", "rsr": "", "update": "January 9, 2026" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher, Riley Walz", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2025-46287", "impact": "An attacker may be able to spoof their FaceTime caller ID", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Calling Framework", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "floeki, Zhongcheng Li from IES Red Team of ByteDance", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-46288", "impact": "An app may be able to access sensitive payment tokens", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "App Store", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2025-46289", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "AppSandbox", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Bing Shi, Wenchao Li and Xiaolong Bai of Alibaba Group, and Luyi Xing of Indiana University Bloomington", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-46290", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Security", "rsr": "", "update": "February 11, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "Kenneth Chew", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-46291", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/125886" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2025-46292", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2025-46297", "impact": "An app may be able to access protected files within an App Sandbox container", "links": [ "https://support.apple.com/en-us/125886" ], "module": "AppSandbox", "rsr": "", "update": "January 9, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "301468", "credit": "Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative, Nan Wang (@eternalsakura13)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-46298", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "January 9, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "299518", "credit": "Google Big Sleep", "description": "A memory initialization issue was addressed with improved memory handling.", "id": "CVE-2025-46299", "impact": "Processing maliciously crafted web content may disclose internal states of the app", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891", "https://support.apple.com/en-us/125892" ], "module": "WebKit", "rsr": "", "update": "January 9, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46300", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46301", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46302", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46303", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46304", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46305", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "Multi-Touch", "rsr": "", "update": "February 11, 2026" }, { "available": [ "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "KPC of Cisco Talos", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46306", "impact": "Processing a maliciously crafted Keynote file may disclose memory contents", "links": [ "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110" ], "module": "QuickLook", "rsr": "", "update": "January 28, 2026" }, { "available": [ "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later" ], "credit": "Sumanth Rao, Ye Shu, Stefan Savage, Aaron Schulman, Geoffrey M. Voelker of UC San Diego), and Enze Liu (Carnegie Mellon University)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2025-46311", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/125885" ], "module": "Mail", "rsr": "", "update": "May 11, 2026" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "KPC of Cisco Talos", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-46316", "impact": "Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/125632", "https://support.apple.com/en-us/125634" ], "module": "QuickLook", "rsr": "", "update": "January 28, 2026" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-48384", "impact": "Cloning a maliciously crafted repository may result in remote code execution", "links": [ "https://support.apple.com/en-us/125117" ], "module": "Git", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-53906", "impact": "A path handling issue was addressed with improved validation", "links": [ "https://support.apple.com/en-us/125634" ], "module": "Vim", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-5918", "impact": "Processing a file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888" ], "module": "libarchive", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-6442", "impact": "Multiple issues in ruby", "links": [ "https://support.apple.com/en-us/125634", "https://support.apple.com/en-us/125635", "https://support.apple.com/en-us/125636" ], "module": "Ruby", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "bugzilla": "296459", "credit": "Cl\u00e9ment Lecigne and Vlad Stolyarov of Google's Threat Analysis Group", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-6558", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "Mac Studio (2022 and later), iMac (2020 and later), Mac Pro (2019 and later), Mac mini (2020 and later), MacBook Air with Apple silicon (2020 and later), MacBook Pro (16-inch, 2019), MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports), and MacBook Pro with Apple silicon (2020 and later)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-6965", "impact": "Processing a file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155", "https://support.apple.com/en-us/125108", "https://support.apple.com/en-us/125110", "https://support.apple.com/en-us/125114", "https://support.apple.com/en-us/125115", "https://support.apple.com/en-us/125116" ], "module": "SQLite", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Ventura and macOS Sonoma" ], "credit": "Ivan Fratric of Google Project Zero", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-7424", "impact": "Processing maliciously crafted web content may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124148", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124150", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "libxslt", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro", "Apple Watch Series 6 and later", "iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Ventura and macOS Sonoma" ], "credit": "Sergei Glazunov of Google Project Zero", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-7425", "impact": "Processing a file may lead to memory corruption", "links": [ "https://support.apple.com/en-us/124147", "https://support.apple.com/en-us/124149", "https://support.apple.com/en-us/124152", "https://support.apple.com/en-us/124153", "https://support.apple.com/en-us/124154", "https://support.apple.com/en-us/124155" ], "module": "libxml2", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-9086", "impact": "Multiple issues in curl", "links": [ "https://support.apple.com/en-us/125884", "https://support.apple.com/en-us/125885", "https://support.apple.com/en-us/125886", "https://support.apple.com/en-us/125887", "https://support.apple.com/en-us/125888", "https://support.apple.com/en-us/125889", "https://support.apple.com/en-us/125890", "https://support.apple.com/en-us/125891" ], "module": "curl", "rsr": "", "update": "" } ] ================================================ FILE: 2025/README.md ================================================ # Apple CVE 2025 * data source: https://support.apple.com/en-us/HT201222 * [2025.json](2025.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2025-14174 | WebKit | | 2 | CVE-2025-24085 | CoreMedia | | 3 | CVE-2025-24200 | Accessibility | | 4 | CVE-2025-24201 | WebKit | | 5 | CVE-2025-31200 | CoreAudio | | 6 | CVE-2025-31201 | RPAC | | 7 | CVE-2025-43200 | Messages | | 8 | CVE-2025-43300 | ImageIO | | 9 | CVE-2025-43529 | WebKit | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 73 | | 2 | AppleMobileFileIntegrity | 29 | | 3 | Kernel | 21 | | 4 | Safari | 15 | | 5 | AirPlay | 14 | | 6 | Siri | 14 | | 7 | StorageKit | 13 | | 8 | Model I/O | 13 | | 9 | PackageKit | 12 | | 10 | CoreMedia | 11 | | 11 | Sandbox | 10 | | 12 | CoreServices | 9 | | 13 | Audio | 9 | | 14 | Notes | 9 | | 15 | Shortcuts | 9 | | 16 | Spotlight | 8 | | 17 | ImageIO | 8 | | 18 | LaunchServices | 8 | | 19 | Security | 8 | | 20 | SharedFileList | 8 | | 21 | CoreAudio | 8 | | 22 | GPU Drivers | 8 | | 23 | Multi-Touch | 8 | | 24 | DiskArbitration | 7 | | 25 | WindowServer | 6 | | 26 | FaceTime | 6 | | 27 | Accessibility | 6 | | 28 | SMB | 6 | | 29 | Foundation | 6 | | 30 | Xsan | 5 | | 31 | libxpc | 5 | | 32 | Installer | 5 | | 33 | Disk Images | 5 | | 34 | Photos | 5 | | 35 | Ruby | 4 | | 36 | Icons | 4 | | 37 | sips | 4 | | 38 | WebContentFilter | 4 | | 39 | Mail | 4 | | 40 | Authentication Services | 4 | | 41 | Software Update | 4 | | 42 | System Settings | 4 | | 43 | Dock | 4 | | 44 | libxslt | 3 | | 45 | libxml2 | 3 | | 46 | curl | 3 | | 47 | Messages | 3 | | 48 | Managed Configuration | 3 | | 49 | Finder | 3 | | 50 | Notification Center | 3 | | 51 | SceneKit | 3 | | 52 | CoreMedia Playback | 3 | | 53 | libnetcore | 3 | | 54 | Libinfo | 3 | | 55 | CloudKit | 3 | | 56 | OpenSSH | 3 | | 57 | App Store | 3 | | 58 | Voice Control | 3 | | 59 | IOMobileFrameBuffer | 3 | | 60 | SoftwareUpdate | 3 | | 61 | TCC | 3 | | 62 | Wi-Fi | 3 | | 63 | Call History | 3 | | 64 | afpfs | 3 | | 65 | RemoteViewServices | 3 | | 66 | sudo | 3 | | 67 | Admin Framework | 3 | | 68 | Power Management | 3 | | 69 | File Bookmark | 3 | | 70 | AppSandbox | 3 | | 71 | Bluetooth | 3 | | 72 | Apple Neural Engine | 3 | | 73 | Apple Account | 2 | | 74 | Contacts | 2 | | 75 | libarchive | 2 | | 76 | ICU | 2 | | 77 | ASP TCP | 2 | | 78 | AppKit | 2 | | 79 | NSDocument | 2 | | 80 | SDK | 2 | | 81 | Photos Storage | 2 | | 82 | WebKit Web Inspector | 2 | | 83 | CoreText | 2 | | 84 | Perl | 2 | | 85 | RPAC | 2 | | 86 | Web Extensions | 2 | | 87 | Calendar | 2 | | 88 | Sandbox Profiles | 2 | | 89 | BiometricKit | 2 | | 90 | Focus | 2 | | 91 | NetworkExtension | 2 | | 92 | Share Sheet | 2 | | 93 | dyld | 2 | | 94 | CoreGraphics | 2 | | 95 | zip | 2 | | 96 | Pro Res | 2 | | 97 | quarantine | 2 | | 98 | AppleJPEG | 2 | | 99 | Mail Drafts | 2 | | 100 | Find My | 2 | | 101 | CFNetwork | 2 | | 102 | AMD | 2 | | 103 | Archive Utility | 2 | | 104 | NSSpellChecker | 2 | | 105 | libc | 2 | | 106 | ATS | 2 | | 107 | Dev Tools | 2 | | 108 | configd | 2 | | 109 | Assets | 2 | | 110 | Phone | 2 | | 111 | Networking | 2 | | 112 | Screen Time | 2 | | 113 | QuickLook | 2 | | 114 | Python | 1 | | 115 | GarageBand | 1 | | 116 | QuartzCore | 1 | | 117 | libexpat | 1 | | 118 | Safari Downloads | 1 | | 119 | Passkeys | 1 | | 120 | Libnotify | 1 | | 121 | TV App | 1 | | 122 | RepairKit | 1 | | 123 | AirDrop | 1 | | 124 | CoreRoutine | 1 | | 125 | Display | 1 | | 126 | AppleGraphicsControl | 1 | | 127 | ARKit | 1 | | 128 | System Extensions | 1 | | 129 | Login Window | 1 | | 130 | iCloud | 1 | | 131 | Time Zone | 1 | | 132 | Passwords | 1 | | 133 | Power Services | 1 | | 134 | iCloud Photo Library | 1 | | 135 | MobileLockdown | 1 | | 136 | Storage Management | 1 | | 137 | Summarization Services | 1 | | 138 | Accounts | 1 | | 139 | BOM | 1 | | 140 | Mail Addressing | 1 | | 141 | IDE Assets | 1 | | 142 | AccountPolicy | 1 | | 143 | Kerberos Helper | 1 | | 144 | IOGPUFamily | 1 | | 145 | Parental Controls | 1 | | 146 | smbx | 1 | | 147 | StickerKit | 1 | | 148 | Mobile Device Service | 1 | | 149 | Crash Reporter | 1 | | 150 | FeedbackLogger | 1 | | 151 | Journal | 1 | | 152 | Instruments | 1 | | 153 | Found in Apps | 1 | | 154 | iCloud Document Sharing | 1 | | 155 | manpages | 1 | | 156 | SystemMigration | 1 | | 157 | Automator | 1 | | 158 | Handoff | 1 | | 159 | Maps | 1 | | 160 | Playgrounds | 1 | | 161 | CoreUtils | 1 | | 162 | FrontBoard | 1 | | 163 | Core Bluetooth | 1 | | 164 | Baseband | 1 | | 165 | Weather | 1 | | 166 | mDNSResponder | 1 | | 167 | StoreKit | 1 | | 168 | UserAccountUpdater | 1 | | 169 | IOKit | 1 | | 170 | Screenshots | 1 | | 171 | Apple Intelligence Reports | 1 | | 172 | macOS Recovery | 1 | | 173 | App Store Connect | 1 | | 174 | Apple Online Store Kit | 1 | | 175 | Printing | 1 | | 176 | MediaRemote | 1 | | 177 | afclip | 1 | | 178 | Spell Check | 1 | | 179 | SecurityAgent | 1 | | 180 | Single Sign-On | 1 | | 181 | Core Services | 1 | | 182 | Apple Music Classical | 1 | | 183 | Music | 1 | | 184 | AirPort | 1 | | 185 | copyfile | 1 | | 186 | Metal | 1 | | 187 | User Management | 1 | | 188 | file | 1 | | 189 | Trusted Device | 1 | | 190 | IDE CoreML | 1 | | 191 | Directory Utility | 1 | | 192 | NetAuth | 1 | | 193 | Application Firewall | 1 | | 194 | MallocStackLogging | 1 | | 195 | IOHIDFamily | 1 | | 196 | Touch Bar Controls | 1 | | 197 | Notifications | 1 | | 198 | Touch Bar | 1 | | 199 | MigrationKit | 1 | | 200 | MediaLibrary | 1 | | 201 | Security Initialization | 1 | | 202 | Storage | 1 | | 203 | System | 1 | | 204 | Control Center | 1 | | 205 | MobileStorageMounter | 1 | | 206 | NetFSFramework | 1 | | 207 | MetricKit | 1 | | 208 | WebKit Process Model | 1 | | 209 | Xcode | 1 | | 210 | CoreServicesUIAgent | 1 | | 211 | WebKit Canvas | 1 | | 212 | bootp | 1 | | 213 | FontParser | 1 | | 214 | CoreAnimation | 1 | | 215 | Stolen Device Protection | 1 | | 216 | On-device Intelligence | 1 | | 217 | Apple TV Remote | 1 | | 218 | Camera | 1 | | 219 | Text Input | 1 | | 220 | Status Bar | 1 | | 221 | zsh | 1 | | 222 | MediaExperience | 1 | | 223 | BackBoardServices | 1 | | 224 | FileProvider | 1 | | 225 | lldb | 1 | | 226 | GNU | 1 | | 227 | MDM Configuration Tools | 1 | | 228 | Compressor | 1 | | 229 | Settings | 1 | | 230 | iTunes Store | 1 | | 231 | Books | 1 | | 232 | Game Center | 1 | | 233 | Calling Framework | 1 | | 234 | Telephony | 1 | | 235 | Git | 1 | | 236 | Vim | 1 | | 237 | SQLite | 1 | ================================================ FILE: 2026/2026.json ================================================ [ { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" ], "credit": "F\u00e9lix Poulin-B\u00e9langer", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-41974", "impact": "An app may be able to execute arbitrary code with kernel privileges. This fix associated with the Coruna exploit was shipped in iOS 17 on September 18, 2023. This update brings that fix to devices that cannot update to the latest iOS version.", "links": [ "https://support.apple.com/en-us/126632" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" ], "bugzilla": "255951", "credit": "Apple", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2023-43000", "impact": "Processing maliciously crafted web content may lead to memory corruption. This fix associated with the Coruna exploit was shipped in iOS 16.6 on July 24, 2023. This update brings that fix to devices that cannot update to the latest iOS version.", "links": [ "https://support.apple.com/en-us/126632" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation" ], "bugzilla": "260913", "credit": "Apple", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2023-43010", "impact": "Processing maliciously crafted web content may lead to memory corruption. This fix associated with the Coruna exploit was shipped in iOS 17.2 on December 11th, 2023. This update brings that fix to devices that cannot update to the latest iOS version.", "links": [ "https://support.apple.com/en-us/126632", "https://support.apple.com/en-us/126646" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)" ], "bugzilla": "267134", "credit": "", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2024-23222", "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.", "links": [ "https://support.apple.com/en-us/126632" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-14524", "impact": "An issue existed in curl which may result in unintentionally sending sensitive information via an incorrect connection", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "curl", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "\uc774\ub3d9\ud558 (Lee Dong Ha) of SSA Lab", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2025-43338", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/126350" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)" ], "bugzilla": "295943", "credit": "Mike Cardwell of grepular.com, Bob Lord", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2025-43376", "impact": "A remote attacker may be able to view leaked DNS queries with Private Relay turned on", "links": [ "https://support.apple.com/en-us/126793" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "@cloudlldb of @pixiepointsec", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2025-43402", "impact": "An app may be able to cause unexpected system termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2025-43403", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Compression", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma" ], "credit": "Ron Elemans", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2025-43417", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126350" ], "module": "File Bookmark", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Csaba Fitzl (@theevilbit) of Iru", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2025-43524", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Icons", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-43533", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)" ], "credit": "iG0x72 and JJ of XiguaSec, Lehan Dilusha Jayasinghe", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43534", "impact": "A user with physical access to an iOS device may be able to bypass Activation Lock", "links": [ "https://support.apple.com/en-us/126793" ], "module": "iTunes Store", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "piffz, Daniel Nurkin, Al Sadman Awal, Mohamed Hamdadou & Mahran Alhazmi, Hichem Maloufi, Christian Mina, Gerson Aldaz, qwerty j0y & Ricardo Garcia, Dorian Del Valle", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2025-43537", "impact": "Restoring a maliciously crafted backup file may lead to modification of protected system files", "links": [ "https://support.apple.com/en-us/126347" ], "module": "Books", "rsr": "", "update": "March 24, 2026" }, { "available": [ "macOS Sonoma" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2025-46283", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126350" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Bing Shi, Wenchao Li and Xiaolong Bai of Alibaba Group, and Luyi Xing of Indiana University Bloomington", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2025-46290", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46300", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46301", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46302", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46303", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46304", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma" ], "credit": "Google Threat Analysis Group", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46305", "impact": "A malicious HID device may cause an unexpected process crash", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Multi-Touch", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "KPC of Cisco Talos", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2025-46306", "impact": "Processing a maliciously crafted Keynote file may disclose memory contents", "links": [ "https://support.apple.com/en-us/126254" ], "module": "Keynote", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed through improved state management.", "id": "CVE-2025-46310", "impact": "An attacker with root privileges may be able to delete protected system files", "links": [ "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia 15.6 and later" ], "credit": "KPC of Cisco Talos", "description": "An out-of-bounds read was addressed with improved input validation.", "id": "CVE-2025-46316", "impact": "Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory", "links": [ "https://support.apple.com/en-us/126255" ], "module": "Pages", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-55753", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-58098", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-59375", "impact": "Processing a maliciously crafted file may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "libexpat", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-59775", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-64505", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-65082", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2025-66200", "impact": "Multiple issues in Apache", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "apache", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "", "description": "This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.", "id": "CVE-2026-1837", "impact": "Processing a maliciously crafted image may lead to a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "AppleJPEG", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20601", "impact": "An app may be able to monitor keystrokes without user permission", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "@cloudlldb of @pixiepointsec", "description": "The issue was addressed with improved handling of caches.", "id": "CVE-2026-20602", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "WindowServer", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kirin (@Pwnrin) and LFY (@secsys) from Fudan University", "description": "This issue was addressed with improved redaction of sensitive information.", "id": "CVE-2026-20603", "impact": "An app with root privileges may be able to access private information", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Notification Center", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "@cloudlldb of @pixiepointsec", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20605", "impact": "An app may be able to crash a system process", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Voice Control", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "LeminLimez", "description": "This issue was addressed by removing the vulnerable code.", "id": "CVE-2026-20606", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20607", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "303357", "credit": "HanQing from TSDubhe and Nan Wang (@eternalsakura13)", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-20608", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20609", "impact": "Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2026-20610", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Setup Assistant", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Anonymous working with Trend Micro Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2026-20611", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "CoreAudio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A privacy issue was addressed with improved checks.", "id": "CVE-2026-20612", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2026-20614", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Remote Management", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Iru and Gergely Kalman (@gergely_kalman)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2026-20615", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2026-20616", "impact": "Processing a maliciously crafted USD file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Tahoe" ], "credit": "Golden Helm Securities, Gergely Kalman (@gergely_kalman), Csaba Fitzl (@theevilbit) of Iru", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2026-20617", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "CoreServices", "rsr": "", "update": "March 24, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "An issue was addressed with improved handling of temporary files.", "id": "CVE-2026-20618", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-20619", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Murray Mike", "description": "An out-of-bounds read issue was addressed with improved input validation.", "id": "CVE-2026-20620", "impact": "An attacker may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Wang Yu of Cyberserval", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20621", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Iru", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2026-20622", "impact": "An app may be able to capture a user's screen", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349" ], "module": "Shortcuts", "rsr": "", "update": "March 24, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2026-20623", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "An injection issue was addressed with improved validation.", "id": "CVE-2026-20624", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t), Ryan Dowd (@_rdowd)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-20625", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Keisuke Hosoda", "description": "This issue was addressed with improved checks.", "id": "CVE-2026-20626", "impact": "A malicious app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126353" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "An issue existed in the handling of environment variables. This issue was addressed with improved validation.", "id": "CVE-2026-20627", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Noah Gregory (wts.dev)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20628", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2026-20629", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Foundation", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20630", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Gergely Kalman (@gergely_kalman)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-20631", "impact": "A user may be able to elevate privileges", "links": [ "https://support.apple.com/en-us/126794" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Rodolphe Brunetti (@eisw0lf) of Lupus Nova", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-20632", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "Music", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2026-20633", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Archive Utility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "George Karchemsky (@gkarchemsky) working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20634", "impact": "Processing a maliciously crafted image may result in disclosure of process memory", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "304661", "credit": "EntryHi", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20635", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "304657", "credit": "EntryHi", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20636", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Johnny Franks (zeroxjf), an anonymous researcher", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2026-20637", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "AppleKeyStore", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Nils Hanff (@nils1729@chaos.social) of Hasso Plattner Institute", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-20638", "impact": "A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions", "links": [ "https://support.apple.com/en-us/126346" ], "module": "Call History", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "@cloudlldb of @pixiepointsec", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2026-20639", "impact": "Processing a maliciously crafted string may lead to heap corruption", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "configd", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Jacob Prezant (prezant.us)", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2026-20640", "impact": "An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac", "links": [ "https://support.apple.com/en-us/126346" ], "module": "UIKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gongyu Ma (@Mezone0)", "description": "A privacy issue was addressed with improved checks.", "id": "CVE-2026-20641", "impact": "An app may be able to identify what other apps a user has installed", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "StoreKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Dalibor Milanovic", "description": "An input validation issue was addressed.", "id": "CVE-2026-20642", "impact": "A person with physical access to an iOS device may be able to access photos from the lock screen", "links": [ "https://support.apple.com/en-us/126346" ], "module": "Photos", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, macOS 26.3.2", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "306050", "credit": "Thomas Espach", "description": "A cross-origin issue in the Navigation API was addressed with improved input validation.", "id": "CVE-2026-20643", "impact": "Processing maliciously crafted web content may bypass Same Origin Policy", "links": [ "https://support.apple.com/en-us/126604", "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "303444", "credit": "HanQing from TSDubhe and Nan Wang (@eternalsakura13)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20644", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Wong Wee Xiang and Loh Boon Keat", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2026-20645", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "Accessibility", "rsr": "", "update": "March 24, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "Morris Richman (@morrisinlife)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-20646", "impact": "A malicious app may be able to read sensitive location information", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Weather", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "This issue was addressed with improved data protection.", "id": "CVE-2026-20647", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Morris Richman (@morrisinlife)", "description": "A privacy issue was addressed by moving sensitive data to a protected location.", "id": "CVE-2026-20648", "impact": "A malicious app may be able to access notifications from other iCloud devices", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-20649", "impact": "A user may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352" ], "module": "Game Center", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "jioundai", "description": "A denial-of-service issue was addressed with improved validation.", "id": "CVE-2026-20650", "impact": "An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "Bluetooth", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Chunyu Song of NorthSea", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2026-20651", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126795" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "303959", "credit": "Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20652", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Enis Maholli (enismaholli.com)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-20653", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Jian Lee (@speedyfriend433)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20654", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Richard Hyunho Im (@richeeta) at Route Zero Security (routezero.security)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20655", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "Live Captions", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A logic issue was addressed with improved validation.", "id": "CVE-2026-20656", "impact": "An app may be able to access a user's Safari history", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126354" ], "module": "Safari", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andrew Becker", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2026-20657", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126799" ], "module": "Vision", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "Pwn2car", "description": "A package validation issue was addressed by blocking the vulnerable package.", "id": "CVE-2026-20658", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "credit": "Amy (amys.website)", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2026-20660", "impact": "A remote user may be able to write arbitrary files", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354", "https://support.apple.com/en-us/126795" ], "module": "CFNetwork", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Dalibor Milanovic", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20661", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "VoiceOver", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Vivek Dhar, ASI (RM) in Border Security Force, FTR HQ BSF Kashmir", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20662", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Zhongcheng Li from IES Red Team", "description": "The issue was resolved by sanitizing logging.", "id": "CVE-2026-20663", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "306136", "credit": "Yeonghyeon Choi, Daniel Rhea, S\u00f6hnke Benedikt Fischedick (Tripton), Emrovsky & Switch3301, Yevhen Pervushyn", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20664", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "304951", "credit": "webb", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-20665", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20666", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "NSOpenPanel", "rsr": "", "update": "" }, { "available": [ "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-20667", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126352" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-20668", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Focus", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-20669", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sonoma", "macOS Tahoe" ], "credit": "Noah Gregory (wts.dev)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20670", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350" ], "module": "AppleEvents", "rsr": "", "update": "March 24, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Xin'an Zhou, Juefei Pu, Zhutian Liu, Zhiyun Qian, Zhaowei Tan, Srikanth V. Krishnamurthy, Mathy Vanhoef", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-20671", "impact": "An attacker in a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-20673", "impact": "Turning off \"Load remote content in messages\u201d may not apply to all mail previews", "links": [ "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Mail", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Jacob Prezant (prezant.us)", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2026-20674", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126346" ], "module": "Accessibility", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "George Karchemsky (@gkarchemsky) working with Trend Micro Zero Day Initiative", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2026-20675", "impact": "Processing a maliciously crafted image may lead to disclosure of user information", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "305020", "credit": "Tom Van Goethem", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-20676", "impact": "A website may be able to track users through Safari web extensions", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126353", "https://support.apple.com/en-us/126354" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma", "macOS Tahoe" ], "credit": "Ron Masas of BreakPoint.SH", "description": "A race condition was addressed with improved handling of symbolic links.", "id": "CVE-2026-20677", "impact": "A shortcut may be able to bypass sandbox restrictions", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126353" ], "module": "Messages", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "\u00d3scar Garc\u00eda P\u00e9rez, Stanislav Jelezoglo", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20678", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "The issue was addressed with additional restrictions on the observability of app states.", "id": "CVE-2026-20680", "impact": "A sandboxed app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Kirin (@Pwnrin) and LFY (@secsys) from Fudan University", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2026-20681", "impact": "An app may be able to access information about a user's contacts", "links": [ "https://support.apple.com/en-us/126348" ], "module": "Contacts", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Viktor Lord H\u00e4rringt\u00f3n", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2026-20682", "impact": "An attacker may be able to discover a user\u2019s deleted notes", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126347" ], "module": "Screenshots", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Koh M. Nakagawa (@tsunek0h) of FFRI Security, Inc.", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20684", "impact": "An app may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/126794" ], "module": "AppleScript", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Atul Kishor Jaiswal", "description": "This issue was addressed with improved input validation.", "id": "CVE-2026-20686", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126346" ], "module": "Contacts", "rsr": "", "update": "March 24, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Tahoe" ], "credit": "Johnny Franks (@zeroxjf)", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2026-20687", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "wdszzml and Atuin Automated Vulnerability Discovery Engine", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2026-20688", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126799" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Hossein Lotfi (@hosselot) of TrendAI Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2026-20690", "impact": "Processing an audio stream in a maliciously crafted media file may terminate the process", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "CoreMedia", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "306827", "credit": "Gongyu Ma (@Mezone0)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20691", "impact": "A maliciously crafted webpage may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit Sandboxing", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs, Himanshu Bharti (@Xpl0itme) from Khatima", "description": "A privacy issue was addressed with improved handling of user preferences.", "id": "CVE-2026-20692", "impact": "\"Hide IP Address\" and \"Block All Remote Content\" may not apply to all mail content", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Mail", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-20693", "impact": "An attacker with root privileges may be able to delete protected system files", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Rodolphe Brunetti (@eisw0lf) of Lupus Nova", "description": "This issue was addressed with improved handling of symlinks.", "id": "CVE-2026-20694", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126349", "https://support.apple.com/en-us/126350", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "MigrationKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gor Aleksanyan, \uc774\ub3d9\ud558 (Lee Dong Ha of BoB 0xB6) working with TrendAI Zero Day Initiative, hari shanmugam", "description": "An information disclosure issue was addressed with improved memory management.", "id": "CVE-2026-20695", "impact": "An app may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Kernel", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-20696", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "@pixiepointsec", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-20697", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "DARKNAVY (@DarkNavyOrg)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-20698", "impact": "An app may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", "id": "CVE-2026-20699", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "A memory corruption issue was addressed with improved state management.", "id": "CVE-2026-20700", "impact": "An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348", "https://support.apple.com/en-us/126351", "https://support.apple.com/en-us/126352", "https://support.apple.com/en-us/126353" ], "module": "dyld", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Matej Moravec (@MacejkoMoravec)", "description": "An access issue was addressed with additional sandbox restrictions.", "id": "CVE-2026-20701", "impact": "An app may be able to connect to a network share without user consent", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "NetAuth", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Dawuge of Shuffle Team and Hunan University", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2026-28816", "impact": "An app may be able to delete files for which it does not have permission", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Notes", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gyujeong Jin (@G1uN4sh) at Team.0xb6", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2026-28817", "impact": "A sandboxed process may be able to circumvent sandbox restrictions", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "@pixiepointsec", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28818", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Wang Yu", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2026-28819", "impact": "An app may be able to execute arbitrary code with kernel privileges", "links": [ "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "This issue was addressed with improved checks.", "id": "CVE-2026-28820", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab", "description": "A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.", "id": "CVE-2026-28821", "impact": "An app may be able to gain elevated privileges", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Jex Amro", "description": "A type confusion issue was addressed with improved memory handling.", "id": "CVE-2026-28822", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Ryan Dowd (@_rdowd)", "description": "A path handling issue was addressed with improved validation.", "id": "CVE-2026-28823", "impact": "An app with root privileges may be able to delete protected system files", "links": [ "https://support.apple.com/en-us/126794" ], "module": "Admin Framework", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-28824", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "AppleMobileFileIntegrity", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Sreejith Krishnan R and Dave G.", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2026-28825", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "SMB", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2026-28826", "impact": "A malicious app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "NSColorPanel", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Iru, an anonymous researcher", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-28827", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "NetFSFramework", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2026-28828", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "TCC", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Sreejith Krishnan R", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28829", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "WebDAV", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with additional validation.", "id": "CVE-2026-28830", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "Security", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-28831", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Printing", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "DARKNAVY (@DarkNavyOrg)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2026-28832", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "File System", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28833", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126799" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2026-28834", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Christian Kohlsch\u00fctter", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28835", "impact": "Mounting a maliciously crafted SMB network share may lead to system termination", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Luke Roberts (@rookuu)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-28837", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "System Settings", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A permissions issue was addressed with additional sandbox restrictions.", "id": "CVE-2026-28838", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mickey Jin (@patch1t)", "description": "The issue was addressed with improved checks.", "id": "CVE-2026-28839", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "NetAuth", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Morris Richman (@morrisinlife), Andrei Dodu", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28840", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "PackageKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "A buffer overflow was addressed with improved size validation.", "id": "CVE-2026-28841", "impact": "A buffer overflow may result in memory corruption and unexpected app termination", "links": [ "https://support.apple.com/en-us/126794" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2026-28842", "impact": "A buffer overflow may result in memory corruption and unexpected app termination", "links": [ "https://support.apple.com/en-us/126794" ], "module": "IOGraphics", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Pedro T\u00f4rres (@t0rr3sp3dr0)", "description": "A file access issue was addressed with improved input validation.", "id": "CVE-2026-28844", "impact": "An attacker may gain access to protected parts of the file system", "links": [ "https://support.apple.com/en-us/126794" ], "module": "SystemMigration", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Yuebin Sun (@yuebinsun2020), an anonymous researcher, Nathaniel Oh (@calysteon), Kirin (@Pwnrin), Wojciech Regula of SecuRing (wojciechregula.blog), Joshua Jewett (@JoshJewett33), an anonymous researcher", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-28845", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Peter Malone", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28846", "impact": "A remote attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "308707", "credit": "DARKNAVY (@DarkNavyOrg), Anonymous working with TrendAI Zero Day Initiative, Daniel Rhea", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28847", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Tahoe" ], "credit": "Peter Malone, Dave G. and Alex Radocea of Supernetworks", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28848", "impact": "A remote attacker may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116" ], "module": "SMB", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Tahoe" ], "credit": "Caspian Tarafdar", "description": "A stack overflow was addressed with improved input validation.", "id": "CVE-2026-28852", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "UIFoundation", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Kirin (@Pwnrin)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28855", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/126346", "https://support.apple.com/en-us/126348" ], "module": "Screen Time", "rsr": "", "update": "March 24, 2026" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "an anonymous researcher", "description": "The issue was addressed with improved authentication.", "id": "CVE-2026-28856", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Siri", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "307723", "credit": "Minse Kim, Narcis Oliveras Font\u00e0s, S\u00f6hnke Benedikt Fischedick (Tripton), Daniel Rhea, Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28857", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "May 11, 2026" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Hazem Issa and Yongdae Kim @ SysSec, KAIST", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28858", "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/126792" ], "module": "Telephony", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "308248", "credit": "greenbynox, Arni Hardarson, and an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28859", "impact": "A malicious website may be able to process restricted web content outside the sandbox", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Alex Radocea", "description": "The issue was addressed with improved input validation.", "id": "CVE-2026-28860", "impact": "A local attacker may be able to modify the state of the Keychain", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Security", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "307014", "credit": "Hongze Wu and Shuaike Dong from Ant Group Infrastructure Security Team, and webb", "description": "A logic issue was addressed with improved state management.", "id": "CVE-2026-28861", "impact": "A malicious website may be able to access script message handlers intended for other origins", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "May 11, 2026" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kun Peeks (@SwayZGl1tZyyy)", "description": "A privacy issue was addressed with improved private data redaction for log entries.", "id": "CVE-2026-28862", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Phone", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Gongyu Ma (@Mezone0)", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28863", "impact": "An app may be able to fingerprint the user", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Sandbox Profiles", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Alex Radocea", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2026-28864", "impact": "A local attacker may gain access to user's Keychain items", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Security", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "H\u00e9lo\u00efse Gollier and Mathy Vanhoef (KU Leuven)", "description": "An authentication issue was addressed with improved state management.", "id": "CVE-2026-28865", "impact": "An attacker in a privileged network position may be able to intercept network traffic", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "802.1X", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Cristian Dinca (icmd.tech)", "description": "This issue was addressed with improved validation of symlinks.", "id": "CVE-2026-28866", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Clipboard", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Tahoe" ], "credit": "Jian Lee (@speedyfriend433)", "description": "This issue was addressed with improved authentication.", "id": "CVE-2026-28867", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Gor Aleksanyan, Dhiyanesh Selvaraj (@redroot97), \uc774\ub3d9\ud558 (Lee Dong Ha of BoB 0xB6)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28868", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Kernel", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "credit": "XiguaSec", "description": "An information leakage was addressed with additional validation.", "id": "CVE-2026-28870", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/127111" ], "module": "GeoServices", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sonoma and macOS Sequoia", "macOS Tahoe" ], "bugzilla": "305859", "credit": "@hamayanhamayan", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-28871", "impact": "Visiting a maliciously crafted website may lead to a cross-site scripting attack", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126800" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Alvin Aries Tapia", "description": "A resource exhaustion issue was addressed with improved input validation.", "id": "CVE-2026-28872", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/127111" ], "module": "Calendar", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Guy Dor", "description": "This issue was addressed with additional entitlement checks.", "id": "CVE-2026-28873", "impact": "An app may be able to circumvent App Privacy Report logging", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/127111" ], "module": "Privacy", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Hazem Issa, Tuan D. Hoang, and Yongdae Kim @ SysSec, KAIST", "description": "The issue was addressed with improved checks.", "id": "CVE-2026-28874", "impact": "A remote attacker may cause an unexpected app termination", "links": [ "https://support.apple.com/en-us/126792" ], "module": "Baseband", "rsr": "", "update": "" }, { "available": [ "iPhone 16e" ], "credit": "Tuan D. Hoang, Hazem Issa, and Yongdae Kim @ KAIST SysSec Lab", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28875", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792" ], "module": "Baseband", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-28876", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126799" ], "module": "DeviceLink", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Rosyna Keller of Totally Not Malicious Software", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-28877", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/127111" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team", "description": "A privacy issue was addressed by removing sensitive data.", "id": "CVE-2026-28878", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/127116" ], "module": "Crash Reporter", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Justin Cohen of Google", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28879", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Zhongcheng Li from IES Red Team", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28880", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126799" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Ye Zhang of Baidu Security, Ryan Dowd (@_rdowd), Csaba Fitzl (@theevilbit) of Iru", "description": "A privacy issue was addressed by moving sensitive data.", "id": "CVE-2026-28881", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/126794" ], "module": "iCloud", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "credit": "Ilya Andr (andrd3v), Ilias Morad (A2nkF) of Voynich Group, Duy Tr\u1ea7n (@khanhduytran0), @hugeBlack", "description": "This issue was addressed with improved checks.", "id": "CVE-2026-28882", "impact": "An app may be able to enumerate a user's installed apps", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799", "https://support.apple.com/en-us/127111" ], "module": "libxpc", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "313939", "credit": "kwak kiyong / kakaogames", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28883", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Etienne Charron (Renault) and Victoria Martini (Renault)", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2026-28886", "impact": "A user in a privileged network position may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/126797", "https://support.apple.com/en-us/126798", "https://support.apple.com/en-us/126799" ], "module": "CoreUtils", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A race condition was addressed with improved state handling.", "id": "CVE-2026-28888", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe 26.2 and later" ], "credit": "Mihai Marin", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28889", "impact": "An app may be able to read arbitrary files as root", "links": [ "https://support.apple.com/en-us/126801" ], "module": "Simulator", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe 26.2 and later" ], "credit": "Nathaniel Oh (@calysteon)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2026-28890", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/126801" ], "module": "otool", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A race condition was addressed with additional validation.", "id": "CVE-2026-28891", "impact": "An app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "NetAuth", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "\u98ce\u6c90\u4e91\u70df (@binary_fmyy) and Minghao Lin (@Y1nKoc)", "description": "A permissions issue was addressed by removing the vulnerable code.", "id": "CVE-2026-28892", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796" ], "module": "Diagnostics", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A privacy issue was addressed with improved handling of temporary files.", "id": "CVE-2026-28893", "impact": "A document may be written to a temporary file when using print preview", "links": [ "https://support.apple.com/en-us/126794" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2026-28894", "impact": "A remote attacker may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126794", "https://support.apple.com/en-us/126795", "https://support.apple.com/en-us/126796", "https://support.apple.com/en-us/127111" ], "module": "Calling Framework", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later" ], "credit": "Adri\u00e1n P\u00e9rez Mart\u00ednez, Uluk Abylbekov, and Zack Tickman", "description": "The issue was addressed with improved checks.", "id": "CVE-2026-28895", "impact": "An attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps with the passcode", "links": [ "https://support.apple.com/en-us/126792" ], "module": "App Protection", "rsr": "", "update": "April 9, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "popku1337, Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd., Robert Tran, Aswin kumar Gokulakannan", "description": "A buffer overflow was addressed with improved input validation.", "id": "CVE-2026-28897", "impact": "A local user may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "310207", "credit": "Aisle offensive security research team (Joshua Rogers, Luigino Camastra, Igor Morgenstern, and Guido Vranken), Maher Azzouzi, Ngan Nguyen of Calif.io", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28901", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "309861", "credit": "Tristan Madani (@TristanInSec) from Talence Security, Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28902", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "310303", "credit": "Mateusz Krzywicki (iVerify.io)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28903", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "309601", "credit": "Luka Ra\u010dki", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28904", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "308545", "credit": "Yuhao Hu, Yuanming Lai, Chenggang Wu, and Zhe Wang", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28905", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Ilya Sc. Jowell A.", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-28906", "impact": "An attacker may be able to track users through their IP address", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127120" ], "module": "Networking", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "308675", "credit": "Cantina", "description": "The issue was addressed with improved input validation.", "id": "CVE-2026-28907", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "beist", "description": "A denial of service issue was addressed by removing the vulnerable code.", "id": "CVE-2026-28908", "impact": "An app may be able to modify protected parts of the file system", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co), Zhongquan Li (@Guluisacat)", "description": "This issue was addressed with improved permissions checking.", "id": "CVE-2026-28910", "impact": "A malicious app may be able to access arbitrary files", "links": [ "https://support.apple.com/en-us/126794" ], "module": "Archive Utility", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "311631", "credit": "an anonymous researcher", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28913", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs (nosebeard.co)", "description": "A logic issue was addressed with improved file handling.", "id": "CVE-2026-28914", "impact": "A maliciously crafted ZIP archive may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/127115" ], "module": "zip", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "A parsing issue in the handling of directory paths was addressed with improved path validation.", "id": "CVE-2026-28915", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "CUPS", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "310527", "credit": "Vitaly Simonovich", "description": "The issue was addressed with improved input validation.", "id": "CVE-2026-28917", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Niels Hofmans, Anonymous working with TrendAI Zero Day Initiative", "description": "An out-of-bounds access issue was addressed with improved bounds checking.", "id": "CVE-2026-28918", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "CoreSymbolication", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Amy (amys.website)", "description": "A consistency issue was addressed with improved state handling.", "id": "CVE-2026-28919", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "StorageKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Brendon Tiszka of Google Project Zero", "description": "An information leakage was addressed with additional validation.", "id": "CVE-2026-28920", "impact": "Visiting a maliciously crafted website may leak sensitive data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "zlib", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Arni Hardarson", "description": "This issue was addressed through improved state management.", "id": "CVE-2026-28922", "impact": "An app may be able to access private information", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "CoreMedia", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Kun Peeks (@SwayZGl1tZyyy)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28923", "impact": "A malicious app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "GPU Drivers", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs, YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab", "description": "A race condition was addressed with improved handling of symbolic links.", "id": "CVE-2026-28924", "impact": "An app may be able to access Contacts without user consent", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Sync Services", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Aswin Kumar Gokula Kannan, Dave G.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28925", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "HFS", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A logic issue was addressed with improved checks.", "id": "CVE-2026-28929", "impact": "Replying to an email could display remote images in Mail in Lockdown Mode", "links": [ "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Mail Drafts", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28930", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/127115" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma", "macOS Tahoe" ], "credit": "Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs", "description": "The issue was addressed with improved checks.", "id": "CVE-2026-28936", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127120" ], "module": "CoreServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of TrendAI Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28940", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127120" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Tahoe" ], "credit": "Michael DePlante (@izobashi) of TrendAI Zero Day Initiative", "description": "The issue was addressed with improved checks.", "id": "CVE-2026-28941", "impact": "Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents", "links": [ "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116" ], "module": "Model I/O", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "312180", "credit": "Milad Nasr and Nicholas Carlini with Claude, Anthropic", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28942", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Google Threat Analysis Group", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28943", "impact": "An app may be able to determine kernel memory layout", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "311131", "credit": "Kenneth Hsu of Palo Alto Networks, J\u00e9r\u00f4me DJOUDER, dr3dd", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28944", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127120" ], "module": "WebRTC", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "bugzilla": "310544", "credit": "Gia Bui (@yabeow) from Calif.io, dr3dd, w0wbox", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28946", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/127115" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "310234", "credit": "dr3dd", "description": "A use-after-free issue was addressed with improved memory management.", "id": "CVE-2026-28947", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)" ], "credit": "", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28950", "impact": "Notifications marked for deletion could be unexpectedly retained on the device", "links": [ "https://support.apple.com/en-us/127002", "https://support.apple.com/en-us/127003", "https://support.apple.com/en-us/127112", "https://support.apple.com/en-us/127113", "https://support.apple.com/en-us/127114" ], "module": "Notification Services", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Csaba Fitzl (@theevilbit) of Iru", "description": "An authorization issue was addressed with improved state management.", "id": "CVE-2026-28951", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Calif.io in collaboration with Claude and Anthropic Research", "description": "An integer overflow was addressed with improved input validation.", "id": "CVE-2026-28952", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "309628", "credit": "Maher Azzouzi", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28953", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", "description": "A file quarantine bypass was addressed with additional checks.", "id": "CVE-2026-28954", "impact": "A maliciously crafted disk image may bypass Gatekeeper checks", "links": [ "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "310880", "credit": "wac and Kookhwan Lee working with TrendAI Zero Day Initiative", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28955", "impact": "Processing maliciously crafted web content may lead to an unexpected process crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "impost0r (ret2plt)", "description": "A memory corruption issue was addressed with improved input validation.", "id": "CVE-2026-28956", "impact": "Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "AppleJPEG", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation" ], "credit": "Adriatik Raci", "description": "An issue with app access to camera metadata was addressed with improved logic.", "id": "CVE-2026-28957", "impact": "An app may be able to capture a user's screen", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127120" ], "module": "Status Bar", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "311228", "credit": "Cantina", "description": "This issue was addressed with improved data protection.", "id": "CVE-2026-28958", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Dave G.", "description": "A buffer overflow was addressed with improved bounds checking.", "id": "CVE-2026-28959", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "APFS", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Dan Raviv", "description": "This issue was addressed with improved checks.", "id": "CVE-2026-28961", "impact": "An attacker with physical access to a locked device may be able to view sensitive user information", "links": [ "https://support.apple.com/en-us/127115" ], "module": "Network Extensions", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "309698", "credit": "Luke Francis, Vaagn Vardanian, kwak kiyong / kakaogames, Vitaly Simonovich, Adel Bouachraoui, greenbynox", "description": "This issue was addressed with improved access restrictions.", "id": "CVE-2026-28962", "impact": "Processing maliciously crafted web content may disclose sensitive user information", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "iPhone 15 and later" ], "credit": "Jorge Welch", "description": "A privacy issue was addressed by removing the vulnerable code.", "id": "CVE-2026-28963", "impact": "An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring", "links": [ "https://support.apple.com/en-us/127110" ], "module": "Screenshots", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Alan Wang, Christopher W. Fletcher, Hovav Shacham, David Kohlbrenner, Riccardo Paccagnella", "description": "An inconsistent user interface issue was addressed with improved state management.", "id": "CVE-2026-28964", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127120" ], "module": "CoreAnimation", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later" ], "credit": "Abhay Kailasia (@abhay_kailasia) from Safran Mumbai India", "description": "A privacy issue was addressed with improved checks.", "id": "CVE-2026-28965", "impact": "A user may be able to view restricted content from the lock screen", "links": [ "https://support.apple.com/en-us/127110" ], "module": "WidgetKit", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), iPhone 16e, iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4)" ], "credit": "Hazem Issa and Yongdae Kim @ SysSec, KAIST", "description": "A denial-of-service issue was addressed with improved input validation.", "id": "CVE-2026-28967", "impact": "An attacker in a privileged network position may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/126792", "https://support.apple.com/en-us/126793" ], "module": "Telephony", "rsr": "", "update": "May 11, 2026" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Mihalis Haatainen, Ari Hawking, Ashish Kunwar", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2026-28969", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "IOKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "311288", "credit": "Khiem Tran", "description": "The issue was addressed with improved UI handling.", "id": "CVE-2026-28971", "impact": "A malicious iframe may use another website\u2019s download settings", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd., Ryan Hileman via Xint Code (xint.io)", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2026-28972", "impact": "An app may be able to cause unexpected system termination or write kernel memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Tahoe" ], "credit": "Andy Koo (@andykoo) of Hexens", "description": "This issue was addressed with improved checks to prevent unauthorized actions.", "id": "CVE-2026-28974", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Spotlight", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "David Ige - Beryllium Security", "description": "An information leakage was addressed with additional validation.", "id": "CVE-2026-28976", "impact": "An app may be able to gain root privileges", "links": [ "https://support.apple.com/en-us/127115" ], "module": "UserAccountUpdater", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Suresh Sundaram", "description": "The issue was addressed with improved bounds checks.", "id": "CVE-2026-28977", "impact": "Processing a maliciously crafted file may lead to unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "wdszzml and Atuin Automated Vulnerability Discovery Engine", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28978", "impact": "A malicious app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Installer", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "credit": "Ruslan Dautov", "description": "A type confusion issue was addressed with improved checks.", "id": "CVE-2026-28983", "impact": "A remote attacker may be able to cause a denial of service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "LaunchServices", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Omar Cerrito", "description": "A null pointer dereference was addressed with improved input validation.", "id": "CVE-2026-28985", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Chris Betz, Tristan Madani (@TristanInSec) from Talence Security, Ryan Hileman via Xint Code (xint.io)", "description": "A race condition was addressed with additional validation.", "id": "CVE-2026-28986", "impact": "An app may be able to cause unexpected system termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Dhiyanesh Selvaraj (@redroot97)", "description": "A logging issue was addressed with improved data redaction.", "id": "CVE-2026-28987", "impact": "An app may be able to leak sensitive kernel state", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-28988", "impact": "An app may be able to bypass certain Privacy preferences", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Accounts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Jiri Ha, Arni Hardarson", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-28990", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Seiji Sakurai (@HeapSmasher)", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2026-28991", "impact": "An app may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Accelerate", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Johnny Franks (@zeroxjf)", "description": "A memory corruption vulnerability was addressed with improved locking.", "id": "CVE-2026-28992", "impact": "An attacker may be able to cause unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "IOHIDFamily", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Doron Assness", "description": "This issue was addressed by adding an additional prompt for user consent.", "id": "CVE-2026-28993", "impact": "An app may be able to access user-sensitive data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127120" ], "module": "Shortcuts", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Alex Radocea", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2026-28994", "impact": "An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "Wi-Fi", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "credit": "Vamshi Paili, Tony Gorez (@tonygo_) for Reverse Society", "description": "A logic issue was addressed with improved restrictions.", "id": "CVE-2026-28995", "impact": "A malicious app may be able to break out of its sandbox", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "App Intents", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Alex Radocea", "description": "A race condition was addressed with additional validation.", "id": "CVE-2026-28996", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Storage", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "David Ige of Beryllium Security", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-39869", "impact": "Processing an audio stream in a maliciously crafted media file may terminate the process", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Audio", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Peter Malone", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-39870", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "SceneKit", "rsr": "", "update": "" }, { "available": [ "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A path handling issue was addressed with improved logic.", "id": "CVE-2026-39871", "impact": "An app may be able to observe unprotected user data", "links": [ "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "TV App", "rsr": "", "update": "" }, { "available": [ "macOS Tahoe" ], "credit": "Asaf Cohen", "description": "A permissions issue was addressed with additional restrictions.", "id": "CVE-2026-43652", "impact": "An app may be able to access protected user data", "links": [ "https://support.apple.com/en-us/127115" ], "module": "Sandbox", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sonoma", "macOS Tahoe" ], "credit": "Atul R V", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-43653", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Vaagn Vardanian, Nathaniel Oh (@calysteon)", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-43654", "impact": "An app may be able to disclose kernel memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "Kernel", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "Somair Ansar and an anonymous researcher", "description": "An out-of-bounds read was addressed with improved bounds checking.", "id": "CVE-2026-43655", "impact": "An app may be able to cause unexpected system termination or read kernel memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "IOSurfaceAccelerator", "rsr": "", "update": "" }, { "available": [ "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Peter Malone", "description": "An out-of-bounds write issue was addressed with improved input validation.", "id": "CVE-2026-43656", "impact": "Parsing a maliciously crafted file may lead to an unexpected app termination", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117" ], "module": "Quick Look", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "bugzilla": "307669", "credit": "Do Young Park", "description": "The issue was addressed with improved memory handling.", "id": "CVE-2026-43658", "impact": "Processing maliciously crafted web content may lead to an unexpected Safari crash", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple Vision Pro (all models)", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Alex Radocea", "description": "A race condition was addressed with additional validation.", "id": "CVE-2026-43659", "impact": "An app may be able to access sensitive user data", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127120" ], "module": "FileProvider", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Tahoe" ], "bugzilla": "308906", "credit": "Cantina", "description": "A validation issue was addressed with improved logic.", "id": "CVE-2026-43660", "impact": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "WebKit", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "macOS Tahoe" ], "credit": "an anonymous researcher", "description": "A buffer overflow issue was addressed with improved memory handling.", "id": "CVE-2026-43661", "impact": "Processing a maliciously crafted image may corrupt process memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119" ], "module": "ImageIO", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Ian van der Wurff (ian.nl)", "description": "An out-of-bounds write issue was addressed with improved bounds checking.", "id": "CVE-2026-43666", "impact": "An attacker on the local network may be able to cause a denial-of-service", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "mDNSResponder", "rsr": "", "update": "" }, { "available": [ "Apple TV HD and Apple TV 4K (all models)", "Apple Vision Pro (all models)", "Apple Watch Series 6 and later", "iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", "iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation", "macOS Sequoia", "macOS Sonoma", "macOS Tahoe" ], "credit": "Anton Pakhunov, Ricardo Prado", "description": "A use after free issue was addressed with improved memory management.", "id": "CVE-2026-43668", "impact": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory", "links": [ "https://support.apple.com/en-us/127110", "https://support.apple.com/en-us/127111", "https://support.apple.com/en-us/127115", "https://support.apple.com/en-us/127116", "https://support.apple.com/en-us/127117", "https://support.apple.com/en-us/127118", "https://support.apple.com/en-us/127119", "https://support.apple.com/en-us/127120" ], "module": "mDNSResponder", "rsr": "", "update": "" } ] ================================================ FILE: 2026/README.md ================================================ # Apple CVE 2026 * data source: https://support.apple.com/en-us/HT201222 * [2026.json](2026.json) ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2026-20700 | dyld | ## Modules | Index | Module Name | CVE Count | |:-----:|:------------------ |:---------:| | 1 | WebKit | 37 | | 2 | Kernel | 18 | | 3 | ImageIO | 7 | | 4 | Multi-Touch | 7 | | 5 | CoreServices | 7 | | 6 | Spotlight | 6 | | 7 | Security | 5 | | 8 | apache | 5 | | 9 | AppleMobileFileIntegrity | 5 | | 10 | PackageKit | 4 | | 11 | LaunchServices | 4 | | 12 | Siri | 4 | | 13 | mDNSResponder | 4 | | 14 | Foundation | 3 | | 15 | libxpc | 3 | | 16 | CoreMedia | 3 | | 17 | Model I/O | 3 | | 18 | System Settings | 3 | | 19 | GPU Drivers | 3 | | 20 | Wi-Fi | 3 | | 21 | Shortcuts | 3 | | 22 | Printing | 3 | | 23 | NetAuth | 3 | | 24 | Audio | 3 | | 25 | SMB | 3 | | 26 | iCloud | 3 | | 27 | CUPS | 3 | | 28 | WindowServer | 2 | | 29 | AppleJPEG | 2 | | 30 | UIKit | 2 | | 31 | Sandbox | 2 | | 32 | Archive Utility | 2 | | 33 | Accessibility | 2 | | 34 | Messages | 2 | | 35 | Admin Framework | 2 | | 36 | Mail | 2 | | 37 | Sandbox Profiles | 2 | | 38 | Contacts | 2 | | 39 | Screenshots | 2 | | 40 | StorageKit | 2 | | 41 | IOGraphics | 2 | | 42 | SceneKit | 2 | | 43 | Telephony | 2 | | 44 | Baseband | 2 | | 45 | Accounts | 2 | | 46 | IOHIDFamily | 2 | | 47 | curl | 1 | | 48 | Compression | 1 | | 49 | File Bookmark | 1 | | 50 | Icons | 1 | | 51 | iTunes Store | 1 | | 52 | Books | 1 | | 53 | Keynote | 1 | | 54 | Pages | 1 | | 55 | libexpat | 1 | | 56 | Notification Center | 1 | | 57 | Voice Control | 1 | | 58 | Setup Assistant | 1 | | 59 | CoreAudio | 1 | | 60 | Remote Management | 1 | | 61 | Music | 1 | | 62 | AppleKeyStore | 1 | | 63 | Call History | 1 | | 64 | configd | 1 | | 65 | StoreKit | 1 | | 66 | Photos | 1 | | 67 | Weather | 1 | | 68 | Game Center | 1 | | 69 | Bluetooth | 1 | | 70 | Live Captions | 1 | | 71 | Safari | 1 | | 72 | Vision | 1 | | 73 | CFNetwork | 1 | | 74 | VoiceOver | 1 | | 75 | NSOpenPanel | 1 | | 76 | Focus | 1 | | 77 | AppleEvents | 1 | | 78 | AppleScript | 1 | | 79 | WebKit Sandboxing | 1 | | 80 | MigrationKit | 1 | | 81 | dyld | 1 | | 82 | Notes | 1 | | 83 | NSColorPanel | 1 | | 84 | NetFSFramework | 1 | | 85 | TCC | 1 | | 86 | WebDAV | 1 | | 87 | File System | 1 | | 88 | SystemMigration | 1 | | 89 | UIFoundation | 1 | | 90 | Screen Time | 1 | | 91 | Phone | 1 | | 92 | 802.1X | 1 | | 93 | Clipboard | 1 | | 94 | GeoServices | 1 | | 95 | Calendar | 1 | | 96 | Privacy | 1 | | 97 | DeviceLink | 1 | | 98 | Crash Reporter | 1 | | 99 | CoreUtils | 1 | | 100 | Simulator | 1 | | 101 | otool | 1 | | 102 | Diagnostics | 1 | | 103 | Calling Framework | 1 | | 104 | App Protection | 1 | | 105 | Networking | 1 | | 106 | zip | 1 | | 107 | CoreSymbolication | 1 | | 108 | zlib | 1 | | 109 | Sync Services | 1 | | 110 | HFS | 1 | | 111 | Mail Drafts | 1 | | 112 | WebRTC | 1 | | 113 | Notification Services | 1 | | 114 | Status Bar | 1 | | 115 | APFS | 1 | | 116 | Network Extensions | 1 | | 117 | CoreAnimation | 1 | | 118 | WidgetKit | 1 | | 119 | IOKit | 1 | | 120 | UserAccountUpdater | 1 | | 121 | Installer | 1 | | 122 | Accelerate | 1 | | 123 | App Intents | 1 | | 124 | Storage | 1 | | 125 | TV App | 1 | | 126 | IOSurfaceAccelerator | 1 | | 127 | Quick Look | 1 | | 128 | FileProvider | 1 | ================================================ FILE: README.md ================================================ # Apple CVE List * data source: https://support.apple.com/en-us/HT201222 1. [2011](./2011/), count: 400 2. [2012](./2012/), count: 500 3. [2013](./2013/), count: 395 4. [2014](./2014/), count: 364 5. [2015](./2015/), count: 836 6. [2016](./2016/), count: 605 7. [2017](./2017/), count: 779 8. [2018](./2018/), count: 418 9. [2019](./2019/), count: 468 10. [2020](./2020/), count: 449 11. [2021](./2021/), count: 521 12. [2022](./2022/), count: 541 13. [2023](./2023/), count: 591 14. [2024](./2024/), count: 587 15. [2025](./2025/), count: 716 16. [2026](./2026/), count: 275 ## ITW | Index | CVE ID | Module | |:-----:|:------:|:------------------ | | 1 | CVE-2020-27930 | FontParser | | 2 | CVE-2020-27932 | Kernel | | 3 | CVE-2020-27950 | Kernel | | 4 | CVE-2021-1782 | Kernel | | 5 | CVE-2021-1870 | WebKit | | 6 | CVE-2021-1871 | WebKit | | 7 | CVE-2021-1879 | WebKit | | 8 | CVE-2021-30657 | System Preferences | | 9 | CVE-2021-30661 | WebKit Storage | | 10 | CVE-2021-30665 | WebKit | | 11 | CVE-2021-30666 | WebKit | | 12 | CVE-2021-30761 | WebKit | | 13 | CVE-2021-30762 | WebKit | | 14 | CVE-2021-30807 | IOMobileFrameBuffer | | 15 | CVE-2021-30858 | WebKit | | 16 | CVE-2021-30860 | CoreGraphics | | 17 | CVE-2021-30869 | XNU | | 18 | CVE-2021-30883 | IOMobileFrameBuffer | | 19 | CVE-2022-22587 | IOMobileFrameBuffer | | 20 | CVE-2022-22620 | WebKit | | 21 | CVE-2022-22675 | AppleAVD | | 22 | CVE-2022-32893 | WebKit | | 23 | CVE-2022-32894 | Kernel | | 24 | CVE-2022-42827 | Kernel | | 25 | CVE-2022-42856 | WebKit | | 26 | CVE-2022-42856 | WebKit | | 27 | CVE-2022-48618 | Kernel | | 28 | CVE-2023-23529 | WebKit | | 29 | CVE-2023-28204 | WebKit | | 30 | CVE-2023-28205 | WebKit | | 31 | CVE-2023-28206 | IOSurfaceAccelerator | | 32 | CVE-2023-32373 | WebKit | | 33 | CVE-2023-32409 | WebKit | | 34 | CVE-2023-32434 | Kernel | | 35 | CVE-2023-32435 | WebKit | | 36 | CVE-2023-32439 | WebKit | | 37 | CVE-2023-37450 | WebKit | | 38 | CVE-2023-38606 | Kernel | | 39 | CVE-2023-41061 | Wallet | | 40 | CVE-2023-41064 | ImageIO | | 41 | CVE-2023-41990 | FontParser | | 42 | CVE-2023-41991 | Security | | 43 | CVE-2023-41992 | Kernel | | 44 | CVE-2023-41993 | WebKit | | 45 | CVE-2023-42824 | Kernel | | 46 | CVE-2023-42916 | WebKit | | 47 | CVE-2023-42916 | WebKit | | 48 | CVE-2023-42917 | WebKit | | 49 | CVE-2023-42917 | WebKit | | 50 | CVE-2024-23222 | WebKit | | 51 | CVE-2024-23225 | Kernel | | 52 | CVE-2024-23296 | RTKit | | 53 | CVE-2024-44308 | JavaScriptCore | | 54 | CVE-2024-44309 | WebKit | | 55 | CVE-2025-14174 | WebKit | | 56 | CVE-2025-24085 | CoreMedia | | 57 | CVE-2025-24200 | Accessibility | | 58 | CVE-2025-24201 | WebKit | | 59 | CVE-2025-31200 | CoreAudio | | 60 | CVE-2025-31201 | RPAC | | 61 | CVE-2025-43200 | Messages | | 62 | CVE-2025-43300 | ImageIO | | 63 | CVE-2025-43529 | WebKit | | 64 | CVE-2026-20700 | dyld |