Apple Security Advisory 2019-9-27-1 - iOS 13.1.1 and iPadOS 13.1.1 are now available and address a sandbox restriction issue.
75e4010ffeeb722017812b6c5ee4b36d379393ee31bb8d9562762aab2dbca406
Apple Security Advisory 2019-9-26-8 - iOS 13.1 and iPadOS 13.1 address a lock screen bypass vulnerability.
289cb39df90fc17629c9f84fd2c6e85a8535fb67556c7553469394b1f922e0b9
Apple Security Advisory 2019-9-26-3 - iOS 13 addresses code execution and cross site scripting vulnerabilities.
92e3606f938289b2e62685c3542d500b551d7a12d1c204c29beecbf0e7eaadaa
Apple Security Advisory 2019-9-26-1 - iOS 12.4.2 is now available and addresses a code execution vulnerability.
de6db8de5aca94c5935571a319528a94a87e92a65ec7b26dd3c5f7b1b88a69a1
Apple Security Advisory 2019-8-26-1 - iOS 12.4.1 is now available and addresses an arbitrary code execution vulnerability.
db3a0d4a10a885a865526035d793907bf26f045d78eb465f902fe33e0dc06480
Apple Security Advisory 2019-8-13-2 - iOS 12.4 addresses code execution, cross site scripting, denial of service, and use-after-free vulnerabilities.
b98e7cd927afee1903b1b3a7c757e97c4d76ba11e133c4498d01036e781da6da
Apple Security Advisory 2019-7-22-1 - iOS 12.4 is now available and addresses code execution, cross site scripting, denial of service, and use-after-free vulnerabilities.
98652db38a2c68e39ff0f8a5d43718e1f059313953f3baf2ab01cbbceebec0b7
Apple Security Advisory 2019-5-13-1 - iOS 12.3 is now available and addresses code execution vulnerabilities.
98f82c82387cbb5aa2121b69ad0c432e451a68e7b837a9bf0e4be86762e4853d
The Texture Canada Android and iOS applications (Android version 4.21.0.1, iOS version 5.11.6 and below) sends potentially sensitive information such as number of app launches, device model, Android or iOS version and screen resolution, unencrypted to a third party site (ScorecardResearch).
8efefb38edf3cb8569fef8c1e4d0115eaf21dbfcc1b58e5f8cb1a093faf95a5d
iOS version 12.1.3 cfprefsd memory corruption exploit.
c1a454b673b9c6b375cf0181560083c3376a36d37bb7bc6fcc390399237cc5d4
Apple Security Advisory 2019-3-25-1 - iOS 12.2 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
8b2388d689595cfb149767e2dd6554582de27ca957a31fbaf165e95d77afc380
Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption vulnerabilities.
023cec1d8e3337599dbf973600fc1b8287142d496d0146a145707c50c8f577c7
Apple Security Advisory 2019-2-07-3 - Shortcuts 2.1.3 for iOS is now available and addresses information disclosure and sandbox escape vulnerabilities.
65531847afd9d520f000898444aae963fdc7b61e902aacb814789f5987e4721d
Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption and logic issues.
c5d6f82cbefa18848dead9bac8bdb6df4221120b037ddf81eac68fb7a009a80e
iOS and MacOS suffer from a kernel heap overflow in PF_KEY due to lack of bounds checking when retrieving statistics.
bdaf091fad9a237fd95f4fa168b1b385cfb161f48fc179a6801b4e62a8099278
iOS and MacOS suffers from sandbox escape vulnerabilities due to type confusions and memory safety issues in iohideventsystem.
b146623feeb4a1369ee8ad78d27a529480b21c17737e192ad3c2686b0448d8cb
iOS and macOS suffer from an if_ports_used_update_wakeuuid() 16-byte uninitialized kernel stack disclosure vulnerability.
bdfda9bc65d52d6ed0d3984c8d4faf09c2f19226fdea8d12eea56e1cf1534dd7
task_swap_mach_voucher() on iOS and macOS have an issue where task_swap_mach_voucher() does not respect MIG semantics leading to a use-after-free condition.
0257494f6d9310ec9e5e1c1bff8a123fa3b6a565f2650f06da253e0be3adc7d9
Apple Security Advisory 2019-1-22-1 - iOS 12.1.3 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
b0b91011b4fcb4c74afc071b7c0d0533b15c5c94660e562202e08ce47ea91216
Base Soundtouch iOS application version 18.1.4 suffers from a cross site scripting vulnerability.
67c8211022b176ba9ad191b333fa8db82dec6bea662fcf9aeb2fdd2a726d151c
Apple Security Advisory 2018-12-05-1 - iOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.
df25f738299308219d60f05a90535c1efff6c5fb305f00166a385e4c963066d5
There is a memory corruption issue when processing a malformed RTP video stream in FaceTime that leads to a kernel panic due to a corrupted heap cookie or data abort. This bug can be reached if a user accepts a call from a malicious caller. This issue only affects FaceTime on iOS, it does not crash on a Mac.
b654a42ccec58f4aa8867fe675b6574d58dc4650d28d211847ba1d2a5837e8e6
The Google Cardboard Android and iOS applications (Android version 1.8, iOS version 1.2 and below) sends potentially sensitive information such as OS, CPU architecture, graphics chip vendor and version, CPU count, RAM, VRAM, screen size, device make and model, unencrypted to a third party site (Unity 3D Stats).
42361a507af264ec429f830956d8abdd01925163d38d47dcc127b1fc891edff6
Apple Security Advisory 2018-10-30-8 - iOS 12 addresses code execution and denial of service vulnerabilities.
825a0ccc19f8e1fa8eeab1ba84e8acbaabdacac74801a1855246bbe1bb1707f6
Apple Security Advisory 2018-10-30-1 - iOS 12.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
93a362567b72263d53b58c256f7884c72cb4ddbf8dc6666545a0ea17c505edc5