iPadOS
iPadOS 16.7.6
Official advisory19 CVEs fixed by this release.
- Release date
- 2024-03-05
- End of support
- 2025-03-31 EOL
- CVEs fixed
- 19
- CISA KEV
- 1
- Critical
- 0
- High
- 0
- NVD pending
- 19
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2024-23225
KEV
[Apple Kernel] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protecti… |
N/A | KEV | [Apple Kernel] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that thi… | |
|
CVE-2023-28826
[Apple MediaRemote] An app may be able to access sensitive user data |
N/A | — | [Apple MediaRemote] An app may be able to access sensitive user data | |
|
CVE-2024-23203
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23204
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23218
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23231
[Apple Share Sheet] An app may be able to access user-sensitive data |
N/A | — | [Apple Share Sheet] An app may be able to access user-sensitive data | |
|
CVE-2024-23235
[Apple Kernel] An app may be able to access user-sensitive data |
N/A | — | [Apple Kernel] An app may be able to access user-sensitive data | |
|
CVE-2024-23246
[Apple UIKit] An app may be able to break out of its sandbox |
N/A | — | [Apple UIKit] An app may be able to break out of its sandbox | |
|
CVE-2024-23257
[Apple ImageIO] Processing an image may result in disclosure of process memory |
N/A | — | [Apple ImageIO] Processing an image may result in disclosure of process memory | |
|
CVE-2024-23259
[Apple Safari] Processing web content may lead to a denial-of-service |
N/A | — | [Apple Safari] Processing web content may lead to a denial-of-service | |
|
CVE-2024-23263
[Apple WebKit] Processing maliciously crafted web content may prevent Content Security Policy from being enforced |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may prevent Content Security Policy from being enforced | |
|
CVE-2024-23264
[Apple Metal] An application may be able to read restricted memory |
N/A | — | [Apple Metal] An application may be able to read restricted memory | |
|
CVE-2024-23265
[Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory |
N/A | — | [Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory | |
|
CVE-2024-23278
[Apple libxpc] An app may be able to break out of its sandbox |
N/A | — | [Apple libxpc] An app may be able to break out of its sandbox | |
|
CVE-2024-23283
[Apple Notes] An app may be able to access user-sensitive data |
N/A | — | [Apple Notes] An app may be able to access user-sensitive data | |
|
CVE-2024-23284
[Apple WebKit] Processing maliciously crafted web content may prevent Content Security Policy from being enforced |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may prevent Content Security Policy from being enforced | |
|
CVE-2024-23286
[Apple ImageIO] Processing an image may lead to arbitrary code execution |
N/A | — | [Apple ImageIO] Processing an image may lead to arbitrary code execution | |
|
CVE-2024-23289
[Apple Siri] A person with physical access to a device may be able to use Siri to access private calendar information |
N/A | — | [Apple Siri] A person with physical access to a device may be able to use Siri to access private calendar information | |
|
CVE-2024-23262
[Apple Accessibility] An app may be able to spoof system notifications and UI |
N/A | — | [Apple Accessibility] An app may be able to spoof system notifications and UI |