Jianjun Dai

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 16.4 Apple iPadOS versions prior to 16.4 Apple tvOS versions prior to 16.4 **Description** An out-of-bounds read issue was addressed with improved bounds checking. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory. **Recommendations** For Apple iOS versions prior to 16.4, update to iOS 16.4 or later. For Apple iPadOS versions prior to 16.4, update to iPadOS 16.4 or later. For Apple tvOS versions prior to 16.4, update to tvOS 16.4 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 14.8 iPadOS versions prior to 14.8 **Description** A logic issue was addressed with improved state management, allowing a remote attacker to potentially cause arbitrary code execution. **Recommendations** For iOS versions prior to 14.8, update to iOS 14.8 or later. For iPadOS versions prior to 14.8, update to iPadOS 14.8 or later.

**Name of the Vulnerable Software and Affected Versions** tvOS versions prior to 15.2 macOS Monterey versions prior to 12.1 Safari versions prior to 15.2 iOS versions prior to 15.2 iPadOS versions prior to 15.2 watchOS versions prior to 8.3 **Description** The issue is related to an out-of-bounds read and can be exploited by a remote attacker, allowing them to execute arbitrary code when processing maliciously crafted web content. This can occur due to insufficient bounds checking, which has been improved in the fixed versions. **Recommendations** For tvOS versions prior to 15.2, update to tvOS 15.2 or later. For macOS Monterey versions prior to 12.1, update to macOS Monterey 12.1 or later. For Safari versions prior to 15.2, update to Safari 15.2 or later. For iOS versions prior to 15.2, update to iOS 15.2 or later. For iPadOS versions prior to 15.2, update to iPadOS 15.2 or later. For watchOS versions prior to 8.3, update to watchOS 8.3 or later.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.4 iPadOS versions prior to 14.4 Description: The issue is related to an out-of-bounds write that can be addressed with improved input validation. A remote attacker may be able to cause arbitrary code execution. Recommendations: For iOS versions prior to 14.4, update to iOS 14.4 or later. For iPadOS versions prior to 14.4, update to iPadOS 14.4 or later.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.4 iPadOS versions prior to 14.4 Description: The issue is related to an out-of-bounds write that can be addressed with improved input validation. A remote attacker may be able to cause arbitrary code execution. Recommendations: For iOS versions prior to 14.4, update to iOS 14.4 or later. For iPadOS versions prior to 14.4, update to iPadOS 14.4 or later.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.4 iPadOS versions prior to 14.4 Description: The issue is related to an out-of-bounds read that can be addressed with improved input validation. A remote attacker may be able to cause arbitrary code execution. Recommendations: For iOS versions prior to 14.4, update to iOS 14.4 or later. For iPadOS versions prior to 14.4, update to iPadOS 14.4 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Catalina versions prior to 10.15.4 Security Update for Mojave versions prior to 2020-002 Security Update for High Sierra versions prior to 2020-002 **Description** A validation issue was addressed with improved input sanitization, allowing an application to potentially read restricted memory. **Recommendations** For macOS Catalina versions prior to 10.15.4, update to macOS Catalina 10.15.4 or later. For Security Update for Mojave versions prior to 2020-002, apply Security Update 2020-002 or later. For Security Update for High Sierra versions prior to 2020-002, apply Security Update 2020-002 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.4 **Description** An out-of-bounds read issue was addressed with improved input validation, which could allow a remote attacker to leak sensitive user information. **Recommendations** For macOS versions prior to 10.15.4, update to macOS Catalina 10.15.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 **Description** An out-of-bounds read issue was addressed with improved input validation. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. **Recommendations** For macOS versions prior to 10.15.6, update to macOS Catalina 10.15.6 to resolve the issue. For tvOS versions prior to 13.4.8, update to tvOS 13.4.8 to resolve the issue. For watchOS versions prior to 6.2.8, update to watchOS 6.2.8 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.3 **Description** A memory corruption issue was addressed with improved input validation. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. **Recommendations** For versions prior to 10.15.3, update to macOS Catalina 10.15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.3 **Description** A memory corruption issue was addressed with improved input validation. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. **Recommendations** For macOS versions prior to 10.15.3, update to macOS Catalina 10.15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.3 **Description** A memory corruption issue was addressed with improved input validation. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. **Recommendations** For versions prior to 10.15.3, update to macOS Catalina 10.15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15.3 **Description** An out-of-bounds read issue was addressed with improved input validation. A remote attacker may be able to leak memory. **Recommendations** For versions prior to 10.15.3, update to macOS Catalina 10.15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10 through Kernel-3.18 **Description** The issue is related to an elevation of privilege vulnerability in the Qualcomm camera driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This is rated as High because it first requires compromising a privileged process. The vulnerability is associated with insufficient access control in the Qualcomm camera driver, potentially enabling a remote attacker to elevate privileges and execute arbitrary code in the kernel context using a local malicious application. **Recommendations** For Android versions Kernel-3.10 through Kernel-3.18, consider restricting access to the Qualcomm camera driver as a temporary mitigation measure until a patch is available. As a workaround, disabling the Qualcomm camera driver may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.