Apple Ios 17.4 And Ipados vulnerabilities

CVE-2024-23288 [HIGH] CVE-2024-23288: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23288 Component: AppleMobileFileIntegrity Impact: An app may be able to elevate privileges Description: This issue was addressed by removing the vulnerable code.

CVE-2024-0258 [HIGH] CVE-2024-0258: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-0258 Component: Kernel Impact: An app may be able to cause unexpected system termination or write kernel memory Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2024-23246 [HIGH] CVE-2024-23246: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23246 Component: UIKit Impact: An app may be able to break out of its sandbox Description: This issue was addressed by removing the vulnerable code.

CVE-2024-23225 [HIGH] CVE-2024-23225: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23225 Component: CVE-2024-23225

CVE-2024-23286 [HIGH] CVE-2024-23286: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23286 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2024-27859 [HIGH] CVE-2024-27859: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-27859 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2024-23226 [HIGH] CVE-2024-23226: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23226 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2024-23278 [HIGH] CVE-2024-23278: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23278 Component: Kernel Impact: An app may be able to cause unexpected system termination or write kernel memory Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2024-23296 [HIGH] CVE-2024-23296: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23296 Component: CVE-2024-23296

CVE-2024-23270 [HIGH] CVE-2024-23270: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23270 Component: Image Processing Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23265 [HIGH] CVE-2024-23265: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23265 Component: Kernel Impact: An app may be able to cause unexpected system termination or write kernel memory Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2024-23293 [MEDIUM] CVE-2024-23293: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23293 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed through improved state management.

CVE-2024-23205 [MEDIUM] CVE-2024-23205: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23205 Component: CVE-2024-23205 Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks.

CVE-2024-23239 [MEDIUM] CVE-2024-23239: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23239 Component: Sandbox Impact: An app may be able to leak sensitive user information Description: A race condition was addressed with improved state handling.

CVE-2024-23273 [MEDIUM] CVE-2024-23273: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23273 Component: Safari Private Browsing Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management.

CVE-2022-48554 [MEDIUM] CVE-2022-48554: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2022-48554 Component: CVE-2022-48554

CVE-2024-23277 [MEDIUM] CVE-2024-23277: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23277 Component: Bluetooth Impact: An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard Description: The issue was addressed with improved checks.

CVE-2024-23264 [MEDIUM] CVE-2024-23264: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23264 Component: Metal Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2024-23254 [MEDIUM] CVE-2024-23254: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23254 Component: WebKit Impact: A malicious website may exfiltrate audio data cross-origin Description: The issue was addressed with improved UI handling.

CVE-2024-23263 [MEDIUM] CVE-2024-23263: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23263 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved validation.