Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2023-46867: Bugs from Fuzzing · Issue #54 · InternationalColorConsortium/DemoIccMAX

In International Color Consortium DemoIccMAX 79ecb74, CIccXformMatrixTRC::GetCurve in IccCmm.cpp in libSampleICC.a has a NULL pointer dereference.

CVE
Open in Source
#xss#vulnerability#apple#c++#buffer_overflow#chrome
iLeakage Attack: Theft of Sensitive Data from Apple’s Safari Browser

By Deeba Ahmed What happens in iLeakage attacks is that the CPU is tricked into executing speculative code that reads sensitive data from memory. This is a post from HackRead.com Read the original post: iLeakage Attack: Theft of Sensitive Data from Apple’s Safari Browser

Safari Side-Channel Attack Enables Browser Theft

The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history.

Update now! Apple patches a raft of vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: iLeakage Tags: side-channel Tags: Safari Tags: CVE-2023-40413 Tags: CVE-2023-40416 Tags: CVE-2023-40423 Tags: CVE-2023-42487 Tags: CVE-2023-42841 Tags: CVE-2023-41982 Tags: CVE-2023-41997 Tags: CVE-2023-41988 Tags: CVE-2023-40447 Tags: CVE-2023-42852 Tags: CVE-2023-32434 Tags: CVE-2023-41989 Tags: CVE-2023-38403 Tags: CVE-2023-42856 Tags: CVE-2023-40404 Tags: CVE-2023-41977 Tags: Vim Apple has released security updates for its phones, iPads, Macs, watches and TVs. (Read more...) The post Update now! Apple patches a raft of vulnerabilities appeared first on Malwarebytes Labs.

Patch...later? Safari iLeakage bug not fixed

Categories: Exploits and vulnerabilities Categories: News Apple has fixed a bunch of security flaws, but not iLeakage, a side-channel vulnerability in Safari. (Read more...) The post Patch...later? Safari iLeakage bug not fixed appeared first on Malwarebytes Labs.

Longer Support Periods Raise the Bar for Mobile Security

With Google's announcement of seven years of support, other smartphone makers risk falling behind.

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs

A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. "An attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using

Apple Security Advisory 10-25-2023-9

Apple Security Advisory 10-25-2023-9 - Safari 17.1 addresses code execution and use-after-free vulnerabilities.

Apple Security Advisory 10-25-2023-5

Apple Security Advisory 10-25-2023-5 - macOS Ventura 13.6.1 addresses bypass and code execution vulnerabilities.