8351 matches found
Design/Logic Flaw
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information...
Code injection
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy...
Information disclosure
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A local attacker may be able to read sensitive information...
Memory corruption
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel...
Hardcoded credentials
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. Previewing an html file attached to a note may unexpectedly contact remote servers...
Design/Logic Flaw
Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious app may be able to access data from other apps by enabling additional logging...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges...
Design/Logic Flaw
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory...
Design/Logic Flaw
A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information...
Design/Logic Flaw
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents...
CVE-2021-31013
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory...
CVE-2021-31009
CVE-2021-31009 : The issue is resolved by removing HDF5 in Apple software. Public details indicate multiple issues in HDF5 and fixes are applied in iOS 15.2 and iPadOS 15.2, and macOS Monterey 12.1. The Red Hat and Nessus entries corroborate the same CVE as part of their vulnerability sets, listi...
CVE-2021-31009
Multiple issues were addressed by removing HDF5. This issue is fixed in iOS 15.2 and iPadOS 15.2, macOS Monterey 12.1. Multiple issues in HDF5...
CVE-2021-31008
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 15.1, tvOS 15.1, iOS 15 and iPadOS 15, macOS Monterey 12.0.1, watchOS 8.1. Processing maliciously crafted web content may lead to code execution...
CVE-2021-31007
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences...
CVE-2021-31007
CVE-2021-31007 pertains to a permissions issue fixed in iOS/iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, and macOS Monterey 12.1. The Apple security content ties the vulnerability to the FileProvider component, describing that a malicious application may bypass Privacy preferences d...
CVE-2021-31005
CVE-2021-31005 is a logic issue in WebKit related to state management, enabling issues when Block all remote content is disabled. It is fixed in iOS 15/iPadOS 15 and macOS Monterey 12.0.1. Affected UI/web content handling is addressed; remediation is upgrading to the listed Apple OS versions (and...