A local attacker may be able to elevate their privileges. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. The issue was addressed with improved checks. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Processing web content may lead to arbitrary code execution. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.Ī use-after-free issue was addressed with improved memory management. Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 1.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 1.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |