8351 matches found
CVE-2021-31005
Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, macOS Monterey 12.0.1. Turning off "Block all remote content" may not apply to all remote content types...
CVE-2021-31001
According to the sources, CVE-2021-31001 is an access issue in iOS/iPadOS Telephony that could allow an attacker in a privileged network position to leak sensitive user information. The vulnerability is addressed in iOS 15 and iPadOS 15. Connected documents (Red Hat, PT Security, CNNVD, etc.) con...
CVE-2021-31000
CVE-2021-31000 is described in Apple security updates as a permissions issue that could allow a malicious app to read sensitive contact information. The Apple advisories (HT212978 for macOS Monterey 12.1 and related entries) tie this CVE to the Game Center component and note fixes in iOS 15.2/iPa...
CVE-2021-31000
A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information...
CVE-2021-30999
CVE-2021-30999 affects Apple platforms (notably Safari/WebKit components on iOS and iPadOS). The issue stems from permission logic that can prevent a user from fully deleting browsing history. Affected documentation indicates the vulnerability was addressed with a fix in iOS 14.6 and iPadOS 14.6,...
CVE-2021-30998
A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...
CVE-2021-30998
Summary of CVE-2021-30998 : Apple iOS and iPadOS were affected by a S/MIME handling issue where the sender’s email address could be leaked when using a certificate that contains multiple email addresses. The vulnerability is addressed by improved selection of the encryption certificate, with patc...
CVE-2021-30997
A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail...
CVE-2021-30997
CVE-2021-30997 concerns an S/MIME handling issue in iOS/iPadOS Mail where encrypted emails could disclose plaintext content. The Apple advisory and Red Hat/NVD entries indicate the vulnerability was mitigated by not automatically loading certain MIME parts, and Apple fixed it in iOS 15.2/iPadOS 1...
CVE-2021-30996
CVE-2021-30996 is a race condition affecting Apple platforms (notably IOMobileFrameBuffer and Kernel components) that could allow a malicious app to execute arbitrary code with kernel privileges. It was fixed in macOS Monterey 12.1 and iOS 15.2 / iPadOS 15.2. Public details in connected sources c...
CVE-2021-30993
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. An attacker in a privileged network position may be able to execute arbitrary code...
CVE-2021-30993
CVE-2021-30993 involves a kernel-level buffer overflow in Apple’s OS stack. The description confirms a memory handling issue that could allow an attacker in a privileged network position to execute arbitrary code. Publicly documented fixes target macOS Monterey 12.1 and Apple OS updates for watch...
CVE-2021-30992
CVE-2021-30992 affects Apple iOS and iPadOS FaceTime in which a user in a FaceTime call may leak sensitive information via Live Photos metadata. Root cause: improper handling of file metadata; fix: Apple addressed in iOS 15.2 and iPadOS 15.2. Practical impact is limited to information disclosure ...
CVE-2021-30991
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30991
CVE-2021-30991 is an Apple iOS/iPadOS kernel-related vulnerability described as an out-of-bounds read that could allow a malicious application to execute arbitrary code with kernel privileges. Affected products: iPhone and iPad with iOS 15.2 / iPadOS 15.2 or earlier versions vulnerable to the iss...
CVE-2021-30988
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to identify what other applications a user has installed...
CVE-2021-30988
CVE-2021-30988 concerns iOS/iPadOS via the NetworkExtension component, describing a permissions issue that could let a malicious app identify which other apps are installed. Root cause cited as improved validation; the fix is implemented in iOS 15.2 and iPadOS 15.2. Implication: information discl...
CVE-2021-30985
CVE-2021-30985 is an out-of-bounds write in the IOMobileFrameBuffer component affecting Apple iOS/iPadOS. The issue could let a malicious app execute arbitrary code with kernel privileges and is mitigated by the vendor by memory/bounds checking improvements. Apple states this flaw is fixed in iOS...
CVE-2021-30984
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30984
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...