Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2022-22668: About the security content of iOS 15.4 and iPadOS 15.4

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information.

CVE
Open in Source
#web#ios#mac#apple#google#dos#pdf#buffer_overflow#auth#zero_day#webkit#wifi
CVE-2023-23529: About the security content of Safari 16.3

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

CVE-2023-23514: About the security content of iOS 16.3.1 and iPadOS 16.3.1

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..

CVE-2023-23522: About the security content of macOS Ventura 13.2.1

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data..

CVE-2023-23512: About the security content of macOS Ventura 13.2

The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service.

CVE-2022-32836: About the security content of Apple Music 3.9.10 for Android

This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

CVE-2021-46841: About the security content of Apple Music 3.5.0 for Android

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.

CVE-2023-23524: About the security content of watchOS 9.3.1

A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05

Categories: Podcast This week on Lock and Code, we speak with Mallory Knodel about the stories that countries tell their people to fear encryption, and why the most recent threats to encryption are different. (Read more...) The post Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05 appeared first on Malwarebytes Labs.

TikTok probed over child privacy practices

Categories: News Categories: Privacy Tags: Canada Tags: TikTok Tags: privacy Tags: young Tags: bans Tags: Netherlands Tags: EU Tags: UK Tags: state employees Canadian privacy protection authorities have announced they will start an investigation into TikTok's privacy practices, especially in relation to its younger users. (Read more...) The post TikTok probed over child privacy practices appeared first on Malwarebytes Labs.