8351 matches found
CVE-2021-30983
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30983
CVE-2021-30983 is a buffer overflow in Apple’s IOMobileFrameBuffer path that can lead to arbitrary code execution with kernel privileges. Technical analysis in the connected documents shows the vulnerability involving a privilege-escalation flow across the Display Co-Processor (DCP) where an IOCo...
CVE-2021-30983
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30979
CVE-2021-30979 affects Apple platforms via the ModelIO ABC file parsing path. The ZDI advisory documents a heap-based buffer overflow in ModelIO that can lead to remote code execution when a crafted ABC file is processed. Public references align this with the USD/ModelIO data pathway vulnerabilit...
CVE-2021-30973
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information...
CVE-2021-30971
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may lead to unexpected application termination or...
CVE-2021-30971
CVE-2021-30971 describes an out-of-bounds write in USD file processing. Affected: macOS Monterey 12.1; iOS 15.2 and iPadOS 15.2; macOS Big Sur 11.6.2; Security Update 2021-008 Catalina. Root cause: improved bounds checking fixes the issue. Impact: processing a malicious USD file may terminate the...
CVE-2021-30968
CVE-2021-30968 is a validation issue in hard link handling that Apple fixed via sandbox restrictions across multiple OS updates. Public details show the bug being addressed in macOS Big Sur 11.6.2, macOS Monterey 12.1, tvOS 15.2, iOS 15.2/iPadOS 15.2, watchOS 8.3, and Security Update 2021-008 Cat...
CVE-2021-30967
CVE-2021-30967 affects Apple iOS/iPadOS via the NetworkExtension component. A permissions issue was addressed with improved validation, allowing a local attacker to read sensitive information. Apple states the fix is available in iOS 15.2 and iPadOS 15.2. The connected Red Hat/Apple security entr...
CVE-2021-30967
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A local attacker may be able to read sensitive information...
CVE-2021-30966
CVE-2021-30966 is a logic issue in CFNetwork Proxies that could cause user traffic to be leaked to a proxy server despite PAC configurations. Public details in Apple security updates show the issue affects macOS Monterey 12.1 (and related updates for other Apple platforms) and was addressed in Mo...
CVE-2021-30966
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...
CVE-2021-30964
CVE-2021-30964 describes an inherited permissions issue that could allow a malicious application to bypass Privacy preferences. The issue is fixed in Apple OS updates: macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2. The CVE is categorized under privacy controls (TCC) and involves bypa...
CVE-2021-30964
An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2. A malicious application may be able to bypass Privacy preferences...
CVE-2021-30960
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information...
CVE-2021-30960
CVE-2021-30960 concerns a buffer overflow in the Audio handling path of macOS. Public documentation indicates the issue is fixed in macOS Big Sur 11.6.3 and is also addressed in macOS Monterey 12.1 across the Audio stack. The vulnerability could be triggered by parsing a maliciously crafted audio...
CVE-2021-30957
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution...
CVE-2021-30957
CVE-2021-30957 is an Apple vulnerability describing a buffer overflow in CoreAudio that could allow arbitrary code execution when processing a malicious audio file. It affects macOS Monterey 12.1 and iOS/iPadOS/watchOS/tvOS releases listed for that fix (e.g., macOS Monterey 12.1, iOS 15.2, iPadOS...
CVE-2021-30956
CVE-2021-30956 affects Apple iOS and iPadOS: a lock-screen vulnerability allows access to contacts when a device is locked, due to insufficient state management. The issue enables viewing private contact information by someone with physical access. Apple’s security content confirms the fix in iOS...
CVE-2021-30955
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges...