Singi21A

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 16 iOS versions prior to 16 iOS versions prior to 15.7 iPadOS versions prior to 15.7 **Description** An out-of-bounds read issue was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution. **Recommendations** For Safari versions prior to 16, update to Safari 16 or later. For iOS versions prior to 16, update to iOS 16 or later. For iOS versions prior to 15.7, update to iOS 15.7 or later. For iPadOS versions prior to 15.7, update to iPadOS 15.7 or later.

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader (affected versions not specified) Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a malicious file. The flaw exists within the parsing of PDF files due to the lack of validation of an object's existence before performing operations on it. An attacker can leverage this, potentially in conjunction with other issues, to execute arbitrary code in the context of the current process. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 **Description** The issue is related to an out-of-bounds write in the ImageIO component, which can be exploited by processing a maliciously crafted image, potentially leading to arbitrary code execution and unauthorized access to protected information. **Recommendations** For macOS versions prior to 11.3, update to macOS Big Sur 11.3 or later. For iOS versions prior to 14.5, update to iOS 14.5 or later. For iPadOS versions prior to 14.5, update to iPadOS 14.5 or later. For watchOS versions prior to 7.4, update to watchOS 7.4 or later. For tvOS versions prior to 14.5, update to tvOS 14.5 or later. As a temporary workaround, consider avoiding the processing of untrusted images until a patch is applied.

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.2 Security Update versions prior to 2021-001 Catalina Security Update versions prior to 2021-001 Mojave watchOS versions prior to 7.3 tvOS versions prior to 14.4 iOS versions prior to 14.4 iPadOS versions prior to 14.4 Description: Processing a maliciously crafted image may lead to arbitrary code execution. The issue was addressed with improved checks. Recommendations: For macOS versions prior to 11.2, update to macOS Big Sur 11.2. For Security Update versions prior to 2021-001 Catalina, apply Security Update 2021-001 Catalina. For Security Update versions prior to 2021-001 Mojave, apply Security Update 2021-001 Mojave. For watchOS versions prior to 7.3, update to watchOS 7.3. For tvOS versions prior to 14.4, update to tvOS 14.4. For iOS versions prior to 14.4, update to iOS 14.4. For iPadOS versions prior to 14.4, update to iPadOS 14.4.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 macOS Mojave versions prior to 10.14.6 tvOS versions prior to 12.4 Safari versions prior to 12.1.2 iTunes for Windows versions prior to 12.9.6 iCloud for Windows versions prior to 7.13 and 10.6 **Description** The issue is related to memory corruption and can be exploited by processing maliciously crafted web content, potentially leading to arbitrary code execution. It is associated with a buffer overflow in the WebKit display module. Exploitation of this issue may allow a remote attacker to execute arbitrary code using a specially crafted web page. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 or later. For macOS Mojave versions prior to 10.14.6, update to macOS Mojave 10.14.6 or later. For tvOS versions prior to 12.4, update to tvOS 12.4 or later. For Safari versions prior to 12.1.2, update to Safari 12.1.2 or later. For iTunes for Windows versions prior to 12.9.6, update to iTunes for Windows 12.9.6 or later. For iCloud for Windows versions prior to 7.13 and 10.6, update to iCloud for Windows 7.13 or 10.6 or later.