Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-7 Xcode 16
Xcode 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121239 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
IDE Documentation
Available for: macOS Sonoma 14.5 and later
Impact: A malicious application may gain access to a user’s Keychain
items…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-6 Safari 18
Safari 18 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121241 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Visiting a malicious website may lead to address bar spoofing
Description: The…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-5 visionOS 2
visionOS 2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121249 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
APFS
Available for: Apple Vision Pro
Impact: A malicious app with root privileges may be able to modify the
contents of system files…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-4 watchOS 11
watchOS 11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121240 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple Watch Series 6 and later
Impact: An attacker with physical access to a locked device may be able
to…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-3 tvOS 18
tvOS 18 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121248 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Game Center
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to access user-sensitive data
Description: A file…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-2 macOS Sequoia 15
macOS Sequoia 15 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121238 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accounts
Available for: Mac Studio (2022 and later), iMac (2019 and later), Mac
Pro (2019 and later), Mac Mini (2018 and…
Posted by Apple Product Security via Fulldisclosure on Sep 16
APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18
iOS 18 and iPadOS 18 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121250 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad…
Fabien Potencier discovered that under some conditions the sandbox
mechanism of Twig, a template engine for PHP, could by bypassed.
https://security-tracker.debian.org/tracker/DSA-5771-1
Shang-Hung Wan discovered multiple vulnerabilities in the Expat
XML parsing C library, which could result in denial of service or
potentially the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-5770-1
Yufan You discovered that Libreoffice’s handling of documents based on
ZIP archives was suspectible to spoofing attacks when the repair mode
attempts to address a malformed archive structure.
For additional information please refer to
https://www.libreoffice.org/about-us/security/advisories/cve-2024-7788/
https://security-tracker.debian.org/tracker/DSA-5772-1
Posts navigation
News, Advisories and much more