Wang Yu

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.7.9 iPadOS versions prior to 18.7.9 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 **Description** An out-of-bounds write issue, which occurs when data is written outside the boundaries of a pre-allocated fixed-length block of memory, could allow an application to execute arbitrary code with kernel privileges. **Recommendations** Update iOS to version 18.7.9. Update iPadOS to version 18.7.9. Update macOS Sequoia to version 15.7.7. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.3 macOS versions prior to Sonoma 14.8.4 macOS versions prior to Sequoia 15.7.4 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS versions prior to 26.3 **Description** The issue involves improved memory handling. An application may be capable of causing unexpected system termination or corrupting kernel memory. **Recommendations** Update macOS to version 26.3 or later. Update macOS to version 14.8.4 or later. Update macOS to version 15.7.4 or later. Update iOS to version 18.7.5 or later. Update iPadOS to version 18.7.5 or later. Update visionOS to version 26.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 **Description** An application may be able to cause unexpected system termination or corrupt kernel memory due to improper memory handling. **Recommendations** Update to macOS Sonoma version 14.8.2 or later. Update to macOS Sequoia version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sequoia 15.7 macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 **Description** An out-of-bounds read issue was addressed through improved bounds checking. This could allow an application to access sensitive user data. **Recommendations** Update to macOS Sequoia 15.7 or later. Update to macOS Sonoma 14.8 or later. Update to macOS Tahoe 26 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.3 visionOS versions prior to 2.3 iPadOS versions prior to 17.7.7 watchOS versions prior to 11.3 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.3 iPadOS versions prior to 18.3 tvOS versions prior to 18.3 macOS Ventura versions prior to 13.7.5 **Description** A memory corruption issue was addressed with improved state management. This issue may allow an app to cause unexpected system termination. **Recommendations** For macOS versions prior to 15.3, update to macOS Sequoia 15.3. For visionOS versions prior to 2.3, update to visionOS 2.3. For iPadOS versions prior to 17.7.7, update to iPadOS 17.7.7. For watchOS versions prior to 11.3, update to watchOS 11.3. For macOS Sonoma versions prior to 14.7.5, update to macOS Sonoma 14.7.5. For iOS versions prior to 18.3, update to iOS 18.3. For iPadOS versions prior to 18.3, update to iPadOS 18.3. For tvOS versions prior to 18.3, update to tvOS 18.3. For macOS Ventura versions prior to 13.7.5, update to macOS Ventura 13.7.5.

**Name of the Vulnerable Software and Affected Versions** macOS Ventura versions prior to 13.7.3 macOS Sequoia versions prior to 15.3 macOS Sonoma versions prior to 14.7.3 **Description** The issue is related to parsing a file, which may lead to an unexpected app termination. It was addressed with improved checks. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For macOS Ventura versions prior to 13.7.3, update to version 13.7.3 to resolve the issue. For macOS Sequoia versions prior to 15.3, update to version 15.3 to resolve the issue. For macOS Sonoma versions prior to 14.7.3, update to version 14.7.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.1 iPadOS versions prior to 18.1 iOS versions prior to 17.7.1 iPadOS versions prior to 17.7.1 macOS Sonoma versions prior to 14.7.1 macOS Ventura versions prior to 13.7.1 **Description** A memory initialization issue was addressed with improved memory handling. This issue may allow an application to cause unexpected system termination. **Recommendations** For iOS versions prior to 18.1, update to iOS 18.1 or later. For iPadOS versions prior to 18.1, update to iPadOS 18.1 or later. For iOS versions prior to 17.7.1, update to iOS 17.7.1 or later. For iPadOS versions prior to 17.7.1, update to iPadOS 17.7.1 or later. For macOS Sonoma versions prior to 14.7.1, update to macOS Sonoma 14.7.1 or later. For macOS Ventura versions prior to 13.7.1, update to macOS Ventura 13.7.1 or later.

**Name of the Vulnerable Software and Affected Versions** macOS Ventura versions prior to 13.7.1 macOS Sonoma versions prior to 14.7.1 **Description** The issue was addressed with improved memory handling. A malicious app may be able to cause a denial-of-service. **Recommendations** For macOS Ventura versions prior to 13.7.1, update to version 13.7.1 to resolve the issue. For macOS Sonoma versions prior to 14.7.1, update to version 14.7.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14 iOS versions prior to 17 iPadOS versions prior to 17 **Description** A memory corruption issue was addressed by removing the vulnerable code. This issue may allow an app to cause unexpected system termination or write kernel memory. The vulnerability is related to a buffer overflow in the Wi-Fi component of the operating systems, which can lead to a denial of service. **Recommendations** For macOS versions prior to 14, update to macOS Sonoma 14 to resolve the issue. For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple tvOS versions prior to 16 Apple iOS versions prior to 16 Apple watchOS versions prior to 9 **Description** An out-of-bounds write issue was addressed with improved bounds checking. This issue may allow an app to cause unexpected system termination or write kernel memory. **Recommendations** For Apple tvOS versions prior to 16, update to tvOS 16 to resolve the issue. For Apple iOS versions prior to 16, update to iOS 16 to resolve the issue. For Apple watchOS versions prior to 9, update to watchOS 9 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Ventura 13 iOS versions prior to 16 **Description** A memory corruption issue was addressed with improved state management, allowing an app to potentially execute arbitrary code with kernel privileges. **Recommendations** For macOS versions prior to Ventura 13, update to macOS Ventura 13 to resolve the issue. For iOS versions prior to 16, update to iOS 16 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 15.6 iPadOS versions prior to 15.6 macOS Monterey versions prior to 12.5 macOS Big Sur versions prior to 11.6.8 **Description** An out-of-bounds write issue was addressed with improved input validation, which may allow an app to execute arbitrary code with kernel privileges. **Recommendations** For iOS versions prior to 15.6, update to iOS 15.6 or later. For iPadOS versions prior to 15.6, update to iPadOS 15.6 or later. For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5 or later. For macOS Big Sur versions prior to 11.6.8, update to macOS Big Sur 11.6.8 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 15.6 Apple iPadOS versions prior to 15.6 Apple macOS Big Sur versions prior to 11.6.8 Apple watchOS versions prior to 8.7 Apple tvOS versions prior to 15.6 Apple macOS Monterey versions prior to 12.5 Apple macOS Catalina versions prior to Security Update 2022-005 **Description** A remote user may be able to cause unexpected system termination or corrupt kernel memory due to this issue. **Recommendations** For iOS versions prior to 15.6, update to iOS 15.6 or later. For iPadOS versions prior to 15.6, update to iPadOS 15.6 or later. For macOS Big Sur versions prior to 11.6.8, update to macOS Big Sur 11.6.8 or later. For watchOS versions prior to 8.7, update to watchOS 8.7 or later. For tvOS versions prior to 15.6, update to tvOS 15.6 or later. For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5 or later. For macOS Catalina versions prior to Security Update 2022-005, apply Security Update 2022-005 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.5 tvOS versions prior to 15.6 iOS versions prior to 15.6 iPadOS versions prior to 15.6 **Description** The issue allows an app to potentially cause unexpected system termination or write kernel memory due to inadequate checks. This has been addressed with improved checks. **Recommendations** For macOS versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue. For tvOS versions prior to 15.6, update to tvOS 15.6 to resolve the issue. For iOS versions prior to 15.6, update to iOS 15.6 to resolve the issue. For iPadOS versions prior to 15.6, update to iPadOS 15.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.4 iOS versions prior to 15.5 iPadOS versions prior to 15.5 **Description** A memory corruption issue was addressed with improved memory handling, which could allow a malicious application to execute arbitrary code with system privileges. **Recommendations** For macOS versions prior to 12.4, update to macOS Monterey 12.4 or later. For iOS versions prior to 15.5, update to iOS 15.5 or later. For iPadOS versions prior to 15.5, update to iPadOS 15.5 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.6 macOS Catalina versions prior to Security Update 2022-004 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with kernel privileges. **Recommendations** For macOS Catalina, apply Security Update 2022-004 to resolve the issue. For macOS Big Sur, update to version 11.6.6 to resolve the issue. At the moment, there is no information about additional mitigation measures for other affected versions.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.5 macOS Monterey versions prior to 12.3 macOS Catalina versions prior to Security Update 2022-003 **Description** An out-of-bounds write issue was addressed with improved bounds checking, which may allow an application to gain elevated privileges. **Recommendations** For macOS versions prior to 11.6.5, update to macOS Big Sur 11.6.5. For macOS Monterey versions prior to 12.3, update to macOS Monterey 12.3. For macOS Catalina versions prior to Security Update 2022-003, apply Security Update 2022-003.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to macOS Monterey 12.3 macOS versions prior to macOS Big Sur 11.6.5 macOS Catalina versions prior to Security Update 2022-003 **Description** A type confusion issue was addressed with improved state handling, which may allow an application to execute arbitrary code with kernel privileges. **Recommendations** For macOS Catalina versions prior to Security Update 2022-003, apply Security Update 2022-003. For macOS Big Sur versions prior to 11.6.5, update to macOS Big Sur 11.6.5. For macOS Monterey versions prior to 12.3, update to macOS Monterey 12.3.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.5 macOS Monterey versions prior to 12.3 macOS Catalina versions without Security Update 2022-003 **Description** A type confusion issue was addressed with improved state handling, allowing an application to potentially execute arbitrary code with kernel privileges. **Recommendations** For macOS versions prior to 11.6.5, update to macOS Big Sur 11.6.5 or later. For macOS Monterey versions prior to 12.3, update to macOS Monterey 12.3 or later. For macOS Catalina, apply Security Update 2022-003.

Name of the Vulnerable Software and Affected Versions: Huawei smart phones (affected versions not specified) Description: The issue concerns a smart SMS verification code vulnerability. It can be exploited when a user is tricked into accessing a malicious website or app and registering, due to incorrect processing of the smart SMS verification code. Successful exploitation can lead to a sensitive information leak. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.