8351 matches found
Input validation
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted font may result in the disclosure o...
Input validation
A logic issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to execute arbitrary code with kernel privileges...
Design/Logic Flaw
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to modify protected parts of the file system...
Code injection
A local attacker may be able to view Now Playing information from the lock screen. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6. A privacy issue in Now Playing was addressed with improved permissions...
Code injection
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted audio file may lead to arbitrary code execution...
Memory corruption
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...
Design/Logic Flaw
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...
CVE-2021-30764
CVE-2021-30764 is an Apple ImageIO vulnerability that may allow arbitrary code execution when parsing a malicious image/file. The issue is described across Apple OS updates (iOS 14.5/iPadOS 14.5, watchOS 7.4, tvOS 14.5) with fixes implemented via improved input validation and checks. Connected do...
CVE-2021-30764
Processing a maliciously crafted file may lead to arbitrary code execution. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. This issue was addressed with improved checks...
CVE-2021-30756
The CVE-2021-30756 issue concerns a privacy-related information disclosure on Apple devices where a local attacker could view Now Playing information from the lock screen. Affected components are Apple's Now Playing/MediaRemote functionality across macOS Big Sur and iOS/iPadOS. Root cause is a pe...
CVE-2021-30756
A local attacker may be able to view Now Playing information from the lock screen. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6. A privacy issue in Now Playing was addressed with improved permissions...
CVE-2021-30753
Processing a maliciously crafted font may result in the disclosure of process memory. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An out-of-bounds read was addressed with improved input validation...
CVE-2021-30753
CVE-2021-30753 affects Apple platforms (macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6, iPadOS 14.6). Root cause: out-of-bounds read in font handling (FontParser/CoreText) due to malformed font input. Impact: potential disclosure of process memory. Fix: addressed in the listed OS updates wi...
CVE-2021-30743
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2021-30743
CVE-2021-30743 affects Apple ImageIO across macOS/ iOS platforms. The issue is an out-of-bounds write when processing a maliciously crafted image, leading to arbitrary code execution. Apple fixed it in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, and Security Update 2021-003 Catalina/macOS B...
CVE-2021-30746
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents...
CVE-2021-30752
The CVE-2021-30752 issue affects Apple platforms including macOS Big Sur 11.3, iOS 14.5 / iPadOS 14.5, watchOS 7.4, and tvOS 14.5. Description indicates that Processing a maliciously crafted image could lead to arbitrary code execution, caused by an out-of-bounds read that was addressed with impr...
CVE-2021-30752
Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation...
CVE-2021-30741
CVE-2021-30741 describes a use-after-free vulnerability in Appleās Mail handling on iOS/iPadOS. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. Apple fixed this issue in iOS 14.6 and iPadOS 14.6. The CVE entry is supported by NV...
CVE-2021-30742
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted audio file may lead to arbitrary code execution...