96 matches found
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2021-31013
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory...
CVE-2021-30998
A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...
CVE-2021-30997
A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail...
CVE-2021-30992
CVE-2021-30992 affects Apple iOS and iPadOS FaceTime in which a user in a FaceTime call may leak sensitive information via Live Photos metadata. Root cause: improper handling of file metadata; fix: Apple addressed in iOS 15.2 and iPadOS 15.2. Practical impact is limited to information disclosure ...
CVE-2021-30991
CVE-2021-30991 is an Apple iOS/iPadOS kernel-related vulnerability described as an out-of-bounds read that could allow a malicious application to execute arbitrary code with kernel privileges. Affected products: iPhone and iPad with iOS 15.2 / iPadOS 15.2 or earlier versions vulnerable to the iss...
CVE-2021-30988
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to identify what other applications a user has installed...
CVE-2021-30988
CVE-2021-30988 concerns iOS/iPadOS via the NetworkExtension component, describing a permissions issue that could let a malicious app identify which other apps are installed. Root cause cited as improved validation; the fix is implemented in iOS 15.2 and iPadOS 15.2. Implication: information discl...
CVE-2021-30984
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30983
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30983
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30973
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information...
CVE-2021-30971
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or...
CVE-2021-30971
CVE-2021-30971 describes an out-of-bounds write in USD file processing. Affected: macOS Monterey 12.1; iOS 15.2 and iPadOS 15.2; macOS Big Sur 11.6.2; Security Update 2021-008 Catalina. Root cause: improved bounds checking fixes the issue. Impact: processing a malicious USD file may terminate the...
CVE-2021-30967
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A local attacker may be able to read sensitive information...
CVE-2021-30967
CVE-2021-30967 affects Apple iOS/iPadOS via the NetworkExtension component. A permissions issue was addressed with improved validation, allowing a local attacker to read sensitive information. Apple states the fix is available in iOS 15.2 and iPadOS 15.2. The connected Red Hat/Apple security entr...
CVE-2021-30966
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...
CVE-2021-30964
CVE-2021-30964 describes an inherited permissions issue that could allow a malicious application to bypass Privacy preferences. The issue is fixed in Apple OS updates: macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2. The CVE is categorized under privacy controls (TCC) and involves bypa...
CVE-2021-30960
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information...
CVE-2021-30957
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution...