Apple Ios 16.4 And Ipados vulnerabilities

CVE-2023-28201 [CRITICAL] CVE-2023-28201: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-28201 Component: WebKit Web Inspector Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved state management.

CVE-2023-23526 [CRITICAL] CVE-2023-23526: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-23526 Component: Foundation Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation.

CVE-2023-32435 [HIGH] CVE-2023-32435: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-32435 Component: WebKit Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. Description: A memory corruption issue was addressed with improved state management

CVE-2023-28198 [HIGH] CVE-2023-28198: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-28198 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-23536 [HIGH] CVE-2023-23536: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-23536 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks.

CVE-2023-41075 [HIGH] CVE-2023-41075: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-41075 Component: LaunchServices Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2023-27937 [HIGH] CVE-2023-27937: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-27937 Component: Foundation Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation.

CVE-2023-40398 [HIGH] CVE-2023-40398: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-40398 Component: CoreServices Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: This issue was addressed with improved checks.

CVE-2023-23525 [HIGH] CVE-2023-23525: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-23525 Component: LaunchServices Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2023-23532 [HIGH] CVE-2023-23532: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-23532 Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks.

CVE-2023-27970 [HIGH] CVE-2023-27970: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-27970 Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2023-32366 [HIGH] CVE-2023-32366: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-32366 Component: FontParser Impact: Processing a font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2023-27959 [HIGH] CVE-2023-27959: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-27959 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23540 [HIGH] CVE-2023-23540: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-23540 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-28181 [HIGH] CVE-2023-28181: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-28181 Component: CoreCapture Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-27963 [HIGH] CVE-2023-27963: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-27963 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2023-27969 [HIGH] CVE-2023-27969: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-27969 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2023-32358 [HIGH] CVE-2023-32358: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-32358 Component: WebKit PDF Impact: Processing web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved checks.

CVE-2014-1745 [HIGH] CVE-2014-1745: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2014-1745 Component: WebKit Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved checks.

CVE-2023-28185 [MEDIUM] CVE-2023-28185: iOS 16.4 and iPadOS 16.4 Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4 Product: iOS 16.4 and iPadOS Version: 16.4 CVE: CVE-2023-28185 Component: Kernel Impact: An app may be able to cause a denial-of-service Description: An integer overflow was addressed through improved input validation.