Apple Security Advisory 2023-01-23-3 - iOS 12.5.7 addresses a code execution vulnerability.
ca20c54235d1a4f84eeec3a278849a37e4ef1d9e2f491eaed9b3aa083fde48a7
Apple Security Advisory 2023-01-23-2 - iOS 15.7.3 and iPadOS 15.7.3 addresses bypass and code execution vulnerabilities.
ee21407e59469cf735e9640ce25355cae5d95a4bc602316d8f031114e7f5f84a
Apple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
e1d38963e60058292ec5d46d069abb5e8a1cf75d83dab5ba0137f6766a463715
On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.
9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Apple Security Advisory 2022-12-13-3 - iOS 16.1.2 addresses a code execution vulnerability.
3b5d9bba95f3634a64c2835668e5a726e2c51758bd9516987236fb25666d5d7f
Apple Security Advisory 2022-12-13-2 - iOS 15.7.2 and iPadOS 15.7.2 addresses bypass, code execution, integer overflow, out of bounds write, and spoofing vulnerabilities.
e526cdedd8ce35da09dee49922c773c4c21c09a4f4ffb9a56567d00adb6def9c
Apple Security Advisory 2022-12-13-1 - iOS 16.2 and iPadOS 16.2 addresses bypass, code execution, out of bounds write, spoofing, and use-after-free vulnerabilities.
78f3785639474b90779ccf98f62a9a102f01f943fd8dbf08927b91ea945c5a8c
Apple Security Advisory 2022-11-09-1 - iOS 16.1.1 and iPadOS 16.1.1 addresses code execution and integer overflow vulnerabilities.
991b1f0f1c1f623df67f682fb82885b28002056c66e1c73a9fcc14f5d20a12ad
Apple Security Advisory 2022-10-27-4 - iOS 15.7 and iPadOS 15.7 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.
4902f4ec7c393425d4199aa79346c1b41c0cb8e0e85aa019ebaa053a774b2ae9
Apple Security Advisory 2022-10-27-3 - iOS 16 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
f72f652240009ad6885c95e399eeada938afdca8ed7e90acdcc02793817280ae
Apple Security Advisory 2022-10-27-2 - iOS 16.1 and iPadOS 16 addresses buffer overflow, code execution, out of bounds write, spoofing, and use-after-free vulnerabilities.
fa8aff25e290408474231f102e178103103fffa3ac41cb52525a65742f65d465
Apple Security Advisory 2022-10-27-1 - iOS 15.7.1 and iPadOS 15.7.1 addresses buffer overflow, code execution, and out of bounds write vulnerabilities.
5f79f9b1f390df8f73a589b60c59a30fa9350ede8b0511ed0a429df4bf8f297c
Apple Security Advisory 2022-10-24-1 - iOS 16.1 and iPadOS 16 addresses code execution, out of bounds write, spoofing, and use-after-free vulnerabilities.
a55c466c0032ee8e2e3f1127fc69e279cc437cfe64c27aada0b63aaa2787bd5e
Apple Security Advisory 2022-10-10-1 - iOS 16.0.3 addresses a denial of service vulnerability.
a4b773bb7f41edd8369a4dcb77b9292c68963637d732442112a830760dd4659a
Apple Security Advisory 2022-09-12-2 - iOS 15.7 and iPadOS 15.7 addresses buffer overflow, bypass, code execution, out of bounds read, and spoofing vulnerabilities.
946f3b9378e61429d928e26152780512f159d4f6be9cf42f14ddcddc88039083
Apple Security Advisory 2022-09-12-1 - iOS 16 addresses buffer overflow, bypass, code execution, out of bounds read, and spoofing vulnerabilities.
49ca8cbbcee2035343bb4ea9b1bc214cd2c11bfe4287d9a6319003041ed6dc59
Apple Security Advisory 2022-08-31-1 - iOS 12.5.6 addresses code execution and out of bounds write vulnerabilities.
96f69bff8e10c2de02e94068825893e0f3d9a8eb9d67d26ebdebf9b890b57b37
Apple Security Advisory 2022-08-17-1 - iOS 15.6.1 and iPadOS 15.6.1 addresses code execution and out of bounds write vulnerabilities.
cbee4e9fc7c740c41a49067a3c009147281d4c13d3bae7260fba2e4e7e94eb84
Apple Security Advisory 2022-07-20-1 - iOS 15.6 and iPadOS 15.6 addresses buffer overflow, bypass, code execution, information leakage, null pointer, out of bounds read, out of bounds write, and spoofing vulnerabilities.
e78e010a4bea2ea77407fa1f36dd85e44d56dc1216952e6d8cdb14def80805a3
Apple Security Advisory 2022-05-16-1 - iOS 15.5 and iPadOS 15.5 addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
dde1d552c35f2995a88956c43d2ed8e85b607bc8d90f69562c2416a22d95e796
This is a research paper titled Goodbye Tracking? Impact Of iOS App Tracking Transparency And Privacy Labels. It analyzes 1,759 iOS apps before and after the changes in iOS 14.
f2c94b3fe30d62f6090a9abdcdc56152591090977c196e48ef151cadea9e410a
Apple Security Advisory 2022-03-31-1 - iOS 15.4.1 and iPadOS 15.4.1 addresses code execution and out of bounds write vulnerabilities.
9ae2b5da95ff8d6c0595615ff2b6d1a454d32e644c97de390b1ff0e6119d7c85
Foxit PDF Editor (iOS) version 11.3.1 suffers from an arbitrary file upload vulnerability.
eee6585def5e7c7d4e32865c6af95620ceb8365f388cac02687c0e833289acfa
The 3CX Client for Windows (legacy), Android, and iOS fails to properly validate TLS certificates.
074017ebf0abca4d37a8b67b240f167c0bec4bbfda44f67fe65cc2c9c71455a1
Apple Security Advisory 2022-03-14-1 - iOS 15.4 and iPadOS 15.4 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
ced4eba6bddb15d34b4e77182ed4c0af3a79eaaf76f437dbfed78c8a915de3ea