Apple Ios 16.5 And Ipados vulnerabilities

CVE-2023-32419 [CRITICAL] CVE-2023-32419: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32419 Component: Cellular Impact: A remote attacker may be able to cause arbitrary code execution Description: The issue was addressed with improved bounds checks.

CVE-2023-32412 [CRITICAL] CVE-2023-32412: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32412 Component: Telephony Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32437 [HIGH] CVE-2023-32437: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32437 Component: NSURLSession Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improvements to the file handling protocol.

CVE-2023-32384 [HIGH] CVE-2023-32384: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32384 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking.

CVE-2023-32413 [HIGH] CVE-2023-32413: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32413 Component: Kernel Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2023-32357 [HIGH] CVE-2023-32357: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32357 Component: Sandbox Impact: An app may be able to retain access to system configuration files even after its permission is revoked Description: An authorization issue was addressed with improved state management.

CVE-2023-32398 [HIGH] CVE-2023-32398: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32398 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32428 [HIGH] CVE-2023-32428: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32428 Component: MallocStackLogging Impact: An app may be able to gain root privileges Description: This issue was addressed with improved file handling.

CVE-2023-32409 [HIGH] CVE-2023-32409: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32409 Component: WebKit Impact: A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited. Description: The issue was addressed with improved bounds checks.

CVE-2023-42869 [HIGH] CVE-2023-42869: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-42869 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-32420 [HIGH] CVE-2023-32420: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32420 Component: IOSurfaceAccelerator Impact: An app may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32373 [HIGH] CVE-2023-32373: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32373 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-27930 [HIGH] CVE-2023-27930: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-27930 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved checks.

CVE-2023-32425 [HIGH] CVE-2023-32425: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32425 Impact: An app may be able to gain elevated privileges Description: The issue was addressed with improved memory handling.

CVE-2023-32400 [MEDIUM] CVE-2023-32400: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32400 Component: Accessibility Impact: Entitlements and privacy permissions granted to this app may be used by a malicious app Description: This issue was addressed with improved checks.

CVE-2023-32367 [MEDIUM] CVE-2023-32367: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32367 Component: Security Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved entitlements.

CVE-2023-32422 [MEDIUM] CVE-2023-32422: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32422 Component: SQLite Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by adding additional SQLite logging restrictions.

CVE-2023-32415 [MEDIUM] CVE-2023-32415: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32415 Component: Weather Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-32385 [MEDIUM] CVE-2023-32385: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-32385 Component: PDFKit Impact: Opening a PDF file may lead to unexpected app termination Description: A denial-of-service issue was addressed with improved memory handling.

CVE-2023-28204 [MEDIUM] CVE-2023-28204: iOS 16.5 and iPadOS 16.5 Apple Security Update: About the security content of iOS 16.5 and iPadOS 16.5 Product: iOS 16.5 and iPadOS Version: 16.5 CVE: CVE-2023-28204 Component: WebKit Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds read was addressed with improved input validation.