Apple Ios 16.3 And Ipados vulnerabilities

CVE-2023-23519 [HIGH] CVE-2023-23519: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23519 Component: ImageIO Impact: Processing an image may lead to a denial-of-service Description: A memory corruption issue was addressed with improved state management.

CVE-2023-23517 [HIGH] CVE-2023-23517: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23517 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23518 [HIGH] CVE-2023-23518: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23518 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-32393 [HIGH] CVE-2023-32393: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-32393 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23531 [HIGH] CVE-2023-23531: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23531 Component: Foundation Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23504 [HIGH] CVE-2023-23504: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23504 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23496 [HIGH] CVE-2023-23496: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23496 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved checks.

CVE-2023-23530 [HIGH] CVE-2023-23530: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23530 Component: Foundation Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: The issue was addressed with improved memory handling.

CVE-2023-41990 [HIGH] CVE-2023-41990: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-41990 Component: FontParser Impact: Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Description: The issue was addressed with improved handling of caches.

CVE-2023-23511 [MEDIUM] CVE-2023-23511: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23511 Component: Weather Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling.

CVE-2023-23503 [MEDIUM] CVE-2023-23503: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23503 Component: Maps Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management.

CVE-2022-0108 [MEDIUM] CVE-2022-0108: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2022-0108 Component: WebKit Impact: An HTML document may be able to render iframes with sensitive user information Description: This issue was addressed with improved iframe sandbox enforcement.

CVE-2023-23520 [MEDIUM] CVE-2023-23520: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23520 Component: Crash Reporter Impact: A user may be able to read arbitrary files as root Description: A race condition was addressed with additional validation.

CVE-2023-23502 [MEDIUM] CVE-2023-23502: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23502 Component: Kernel Impact: An app may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-23512 [MEDIUM] CVE-2023-23512: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23512 Component: Safari Impact: Visiting a website may lead to an app denial-of-service Description: The issue was addressed with improved handling of caches.

CVE-2023-23499 [MEDIUM] CVE-2023-23499: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23499 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime.

CVE-2023-28208 [MEDIUM] CVE-2023-28208: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-28208 Component: Messages Impact: A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM Description: A logic issue was addressed with improved state management.

CVE-2023-23500 [MEDIUM] CVE-2023-23500: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23500 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling.

CVE-2023-32438 [MEDIUM] CVE-2023-32438: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-32438 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks to prevent unauthorized actions.

CVE-2023-23505 [LOW] CVE-2023-23505: iOS 16.3 and iPadOS 16.3 Apple Security Update: About the security content of iOS 16.3 and iPadOS 16.3 Product: iOS 16.3 and iPadOS Version: 16.3 CVE: CVE-2023-23505 Component: Screen Time Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.