Apple iOS 16.4 and iPadOS vulnerabilities

53 known vulnerabilities affecting apple/ios_16.4_and_ipados.

Total CVEs: 53
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: CRITICAL 2, HIGH 17, MEDIUM 26, LOW 8

Vulnerabilities

Page 2 of 3
CVE-2022-46705 [MEDIUM] CVSS 4.3, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: WebKit
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
apple
CVE-2023-27933 [MEDIUM] CVSS 6.7, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Kernel
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
apple
CVE-2023-28188 [MEDIUM] CVSS 6.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: TextKit
Impact: A remote user may be able to cause a denial-of-service
Description: A denial-of-service issue was addressed with improved input validation.
apple
CVE-2023-27961 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Calendar
Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
Description: Multiple validation issues were addressed with improved input sanitization.
apple
CVE-2023-23494 [MEDIUM] CVSS 5.3, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: CarPlay
Impact: A user in a privileged network position may be able to cause a denial-of-service
Description: A buffer overflow was addressed with improved bounds checking.
apple
CVE-2023-27931 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: AppleMobileFileIntegrity
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
apple
CVE-2023-23527 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: AppleMobileFileIntegrity
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
apple
CVE-2023-27943 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: LaunchServices
Impact: Files downloaded from the internet may not have the quarantine flag applied
Description: This issue was addressed with improved checks.
apple
CVE-2023-27932 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: WebKit
Impact: Processing maliciously crafted web content may bypass Same Origin Policy
Description: This issue was addressed with improved state management.
apple
CVE-2023-32424 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Kernel
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: The issue was addressed with improved memory handling.
apple
CVE-2023-42865 [MEDIUM] CVSS 6.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: ImageIO
Impact: Processing an image may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
apple
CVE-2023-27942 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Podcasts
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
apple
CVE-2023-23537 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Find My
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
apple
CVE-2023-28178 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: Sandbox
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved validation.
apple
CVE-2023-28182 [MEDIUM] CVSS 6.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: NetworkExtension
Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device
Description: The issue was addressed with improved authentication.
apple
CVE-2023-27956 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: FontParser
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
apple
CVE-2023-42862 [MEDIUM] CVSS 6.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: ImageIO
Impact: Processing an image may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
apple
CVE-2022-46725 [MEDIUM] CVSS 4.3, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: WebKit
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
apple
CVE-2023-32370 [MEDIUM] CVSS 5.3, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: WebKit
Impact: Content Security Policy to block domains with wildcards may fail
Description: A logic issue was addressed with improved validation.
apple
CVE-2023-27929 [MEDIUM] CVSS 5.5, v16.4, 2023-03-27
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
Component: ImageIO
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
apple