Apple Ios 17.6 And Ipados vulnerabilities

CVE-2024-40836 [MEDIUM] CVE-2024-40836: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40836 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-40794 [MEDIUM] CVE-2024-40794: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40794 Component: WebKit Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management.

CVE-2024-40776 [MEDIUM] CVE-2024-40776: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40776 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management.

CVE-2024-44185 [MEDIUM] CVE-2024-44185: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-44185 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks.

CVE-2024-40793 [MEDIUM] CVE-2024-40793: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40793 Component: Shortcuts Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2024-40835 [MEDIUM] CVE-2024-40835: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40835 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-40777 [MEDIUM] CVE-2024-40777: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40777 Component: ImageIO Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-27863 [MEDIUM] CVE-2024-27863: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-27863 Component: Kernel Impact: A local attacker may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-27871 [MEDIUM] CVE-2024-27871: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-27871 Component: Sandbox Impact: An app may be able to access protected user data Description: A path handling issue was addressed with improved validation.

CVE-2024-40818 [MEDIUM] CVE-2024-40818: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40818 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-27873 [MEDIUM] CVE-2024-27873: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-27873 Component: CoreMedia Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-40780 [MEDIUM] CVE-2024-40780: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40780 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2024-40785 [MEDIUM] CVE-2024-40785: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40785 Component: WebKit Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks.

CVE-2024-40779 [MEDIUM] CVE-2024-40779: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40779 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2024-40784 [MEDIUM] CVE-2024-40784: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40784 Component: ImageIO Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation.

CVE-2024-44205 [MEDIUM] CVE-2024-44205: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-44205 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40813 [MEDIUM] CVE-2024-40813: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40813 Component: Phone Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: A lock screen issue was addressed with improved state management.

CVE-2024-40778 [LOW] CVE-2024-40778: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40778 Component: Photos Storage Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management.

CVE-2024-40822 [LOW] CVE-2024-40822: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40822 Component: Siri Impact: An attacker with physical access to a device may be able to access contacts from the lock screen Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-40795 [LOW] CVE-2024-40795: iOS 17.6 and iPadOS 17.6 Apple Security Update: About the security content of iOS 17.6 and iPadOS 17.6 Product: iOS 17.6 and iPadOS Version: 17.6 CVE: CVE-2024-40795 Component: Family Sharing Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved data protection.