Apple Ios18.2 And Ipados18.2 vulnerabilities

CVE-2024-54513 [MEDIUM] CVE-2024-54513: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54513 Component: Crash Reporter Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-54501 [MEDIUM] CVE-2024-54501: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54501 Component: SceneKit Impact: Processing a maliciously crafted file may lead to a denial of service Description: The issue was addressed with improved checks.

CVE-2024-54488 [MEDIUM] CVE-2024-54488: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54488 Component: Accounts Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: A logic issue was addressed with improved file handling.

CVE-2024-54500 [MEDIUM] CVE-2024-54500: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54500 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-45306 [MEDIUM] CVE-2024-45306: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-45306 Component: CVE-2024-45306

CVE-2024-54523 [MEDIUM] CVE-2024-54523: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54523 Component: IOMobileFrameBuffer Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved bounds checks.

CVE-2024-54486 [MEDIUM] CVE-2024-54486: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54486 Component: FontParser Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-54527 [MEDIUM] CVE-2024-54527: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54527 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved checks.

CVE-2024-54478 [MEDIUM] CVE-2024-54478: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54478 Component: ICU Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-54503 [MEDIUM] CVE-2024-54503: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54503 Component: Audio Impact: Muting a call while ringing may not result in mute being enabled Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2024-54494 [MEDIUM] CVE-2024-54494: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54494 Component: Kernel Impact: An attacker may be able to create a read-only memory mapping that can be written to Description: A race condition was addressed with additional validation.

CVE-2024-54550 [MEDIUM] CVE-2024-54550: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54550 Component: Contacts Impact: An app may be able to view autocompleted contact information from Messages and Mail in system logs Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-54507 [MEDIUM] CVE-2024-54507: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54507 Component: Kernel Impact: An attacker with user privileges may be able to read kernel memory Description: A type confusion issue was addressed with improved memory handling.

CVE-2024-54492 [MEDIUM] CVE-2024-54492: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54492 Component: Passwords Impact: An attacker in a privileged network position may be able to alter network traffic Description: This issue was addressed by using HTTPS when sending information over the network.

CVE-2024-54541 [MEDIUM] CVE-2024-54541: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54541 Component: APFS Impact: An app may be able to access user-sensitive data Description: This issue was addressed through improved state management.

CVE-2024-54510 [MEDIUM] CVE-2024-54510: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54510 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: A race condition was addressed with improved locking.

CVE-2024-54502 [MEDIUM] CVE-2024-54502: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54502 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks.

CVE-2024-54518 [MEDIUM] CVE-2024-54518: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54518 Component: IOMobileFrameBuffer Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved bounds checks.

CVE-2024-44246 [MEDIUM] CVE-2024-44246: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-44246 Component: Safari Impact: On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website Description: The issue was addressed with improved routing of Safari-originated requests.

CVE-2024-54485 [LOW] CVE-2024-54485: iOS18.2 and iPadOS18.2 Apple Security Update: About the security content of iOS18.2 and iPadOS18.2 Product: iOS18.2 and iPadOS18.2 CVE: CVE-2024-54485 Component: VoiceOver Impact: An attacker with physical access to an iOS device may be able to view notification content from the lock screen Description: The issue was addressed by adding additional logic.