iPadOS

iPadOS 16.7.8

24 CVE corrigées par cette release.

Date de sortie: 2024-05-13
Fin de support: 2025-03-31 EOL
CVE corrigées: 24

KEV CISA: 1
Critique: 0
Élevé: 0
En attente NVD: 24

CVE corrigées

CVE	Sévérité	KEV	Publié	Description
CVE-2024-23296 2024-07-29 KEV [Apple RTKit] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protectio…	N/A	KEV	2024-07-29	[Apple RTKit] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this…
CVE-2024-23251 2024-05-13 [Apple Mail] An attacker with physical access may be able to leak Mail account credentials	N/A	—	2024-05-13	[Apple Mail] An attacker with physical access may be able to leak Mail account credentials
CVE-2024-23282 2024-05-13 [Apple Mail] A maliciously crafted email may be able to initiate FaceTime calls without user authorization	N/A	—	2024-05-13	[Apple Mail] A maliciously crafted email may be able to initiate FaceTime calls without user authorization
CVE-2024-27789 2024-05-13 [Apple Foundation] An app may be able to access user-sensitive data	N/A	—	2024-05-13	[Apple Foundation] An app may be able to access user-sensitive data
CVE-2024-27796 2024-05-13 [Apple AVEVideoEncoder] A user may be able to elevate privileges	N/A	—	2024-05-13	[Apple AVEVideoEncoder] A user may be able to elevate privileges
CVE-2024-27799 2024-05-13 [Apple AVEVideoEncoder] An unprivileged app may be able to log keystrokes in other apps including those using secure in…	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An unprivileged app may be able to log keystrokes in other apps including those using secure input mode
CVE-2024-27800 2024-05-13 [Apple AVEVideoEncoder] Processing a maliciously crafted message may lead to a denial-of-service	N/A	—	2024-05-13	[Apple AVEVideoEncoder] Processing a maliciously crafted message may lead to a denial-of-service
CVE-2024-27802 2024-05-13 [Apple AVEVideoEncoder] Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code …	N/A	—	2024-05-13	[Apple AVEVideoEncoder] Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution
CVE-2024-27805 2024-05-13 [Apple AVEVideoEncoder] An app may be able to access sensitive user data	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An app may be able to access sensitive user data
CVE-2024-27806 2024-05-13 [Apple AVEVideoEncoder] An app may be able to access sensitive user data	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An app may be able to access sensitive user data
CVE-2024-27807 2024-05-13 [Apple Symptom Framework] An app may be able to circumvent App Privacy Report logging	N/A	—	2024-05-13	[Apple Symptom Framework] An app may be able to circumvent App Privacy Report logging
CVE-2024-27817 2024-05-13 [Apple AVEVideoEncoder] An app may be able to execute arbitrary code with kernel privileges	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An app may be able to execute arbitrary code with kernel privileges
CVE-2024-27818 2024-05-13 [Apple Kernel] An attacker may be able to cause unexpected app termination or arbitrary code execution	N/A	—	2024-05-13	[Apple Kernel] An attacker may be able to cause unexpected app termination or arbitrary code execution
CVE-2024-27820 2024-05-13 [Apple WebKit Web Inspector] Processing web content may lead to arbitrary code execution	N/A	—	2024-05-13	[Apple WebKit Web Inspector] Processing web content may lead to arbitrary code execution
CVE-2024-27823 2024-05-13 [Apple AVEVideoEncoder] An attacker in a privileged network position may be able to spoof network packets	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An attacker in a privileged network position may be able to spoof network packets
CVE-2024-27831 2024-05-13 [Apple AVEVideoEncoder] Processing a file may lead to unexpected app termination or arbitrary code execution	N/A	—	2024-05-13	[Apple AVEVideoEncoder] Processing a file may lead to unexpected app termination or arbitrary code execution
CVE-2024-27833 2024-05-13 [Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution	N/A	—	2024-05-13	[Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2024-27834 2024-05-13 [Apple WebKit] An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication	N/A	—	2024-05-13	[Apple WebKit] An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication
CVE-2024-27838 2024-05-13 [Apple WebKit] A maliciously crafted webpage may be able to fingerprint the user	N/A	—	2024-05-13	[Apple WebKit] A maliciously crafted webpage may be able to fingerprint the user
CVE-2024-27840 2024-05-13 [Apple AVEVideoEncoder] An attacker that has already achieved kernel code execution may be able to bypass kernel memory…	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections
CVE-2024-27847 2024-05-13 [Apple AVEVideoEncoder] An app may be able to bypass Privacy preferences	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An app may be able to bypass Privacy preferences
CVE-2024-27855 2024-05-13 [Apple AVEVideoEncoder] A shortcut may be able to use sensitive data with certain actions without prompting the user	N/A	—	2024-05-13	[Apple AVEVideoEncoder] A shortcut may be able to use sensitive data with certain actions without prompting the user
CVE-2024-27856 2024-05-13 [Apple WebKit] Processing a file may lead to unexpected app termination or arbitrary code execution	N/A	—	2024-05-13	[Apple WebKit] Processing a file may lead to unexpected app termination or arbitrary code execution
CVE-2024-40771 2024-05-13 [Apple AVEVideoEncoder] An app may be able to execute arbitrary code with kernel privileges	N/A	—	2024-05-13	[Apple AVEVideoEncoder] An app may be able to execute arbitrary code with kernel privileges