8351 matches found
CVE-2021-30943
Apple CVE-2021-30943 concerns an issue in the Messages app where handling of group membership could allow a malicious user to leave a messages group while still receiving messages in that group. The root cause is described as a logic flaw in group membership handling, and Apple states a fix is im...
CVE-2021-30943
An issue in the handling of group membership was resolved with improved logic. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1. A malicious user may be able to leave a messages group but continue to receive messages in that group...
CVE-2021-30942
CVE-2021-30942 is a memory-corruption vulnerability in ICC profile processing. The entry notes that improved input validation fixes the issue, with the vulnerability affecting Apple OS releases including macOS Big Sur 11.6.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2/iPadOS...
CVE-2021-30941
CVE-2021-30941 is a buffer overflow vulnerability addressed by Apple in macOS Monterey 12.1, iOS 15.2, iPadOS 15.2, macOS Big Sur 11.6.2, and Security Update 2021-008 Catalina. The issue arises during processing of a maliciously crafted USD file, with the underlying problem described as improved ...
CVE-2021-30940
CVE-2021-30940 is a memory handling vulnerability described as a buffer overflow when processing a malicious USD file, potentially disclosing memory contents. Affected products/versions (per provided documents): macOS Big Sur 11.6.2 and Security Update 2021-008 Catalina; macOS Monterey 12.1; iOS ...
CVE-2021-30939
CVE-2021-30939 is an out-of-bounds read vulnerability fixed by Apple in multiple OS updates. The issue occurs when processing a maliciously crafted image, potentially allowing arbitrary code execution. According to the sources, the fix applies to macOS Big Sur 11.6.2, macOS Monterey 12.1, macOS C...
CVE-2021-30937
CVE-2021-30937 is a memory-corruption vulnerability in Apple’s XNU kernel that could allow a malicious app to execute arbitrary code with kernel privileges. The issue is addressed by updates across Apple platforms: macOS Big Sur 11.6.2, macOS Monterey 12.1, macOS Catalina Security Update 2021-008...
CVE-2021-30936
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30936
CVE-2021-30936 is a use-after-free in WebKitWebKitGTK/WebKit processing malicious web content, leading to arbitrary code execution. Public details in connected docs show the issue fixed in Safari 15.2, macOS Monterey 12.1, iOS 15.2, iPadOS 15.2 and tvOS 15.2 (WebKit). Debian and AlmaLinux advisor...
CVE-2021-30936
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30934
The CVE-2021-30934 entry is valid and has concrete details across connected documents. It concerns WebKit/WebKitGTK family processing malicious web content leading to arbitrary code execution due to a buffer overflow. Affected products include Apple platforms: Safari 15.2, macOS Monterey 12.1, iO...
CVE-2021-30934
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30932
CVE-2021-30932 is fixed in iOS 15.2 and iPadOS 15.2. The issue allowed a person with physical access to an iOS device to access contacts from the lock screen due to improved permissions logic. The vulnerability affects iPhone and iPad platforms covered by the Apple security content. The connected...
CVE-2021-30932
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access contacts from the lock screen...
CVE-2021-30929
CVE-2021-30929 is an out-of-bounds write vulnerability in macOS/iOS/macOS-related USD-file handling, fixed by bounds-check improvements. The issue could disclose memory contents when processing a maliciously crafted USD file. Affected software is macOS/macOS Monterey 12.1 and older Big Sur/ Catal...
CVE-2021-30928
CVE-2021-30928 is a memory corruption vulnerability in CoreGraphics affecting processing of maliciously crafted images, leading to arbitrary code execution. The Apple advisories indicate the issue is fixed in macOS Big Sur 11.6 and in iOS 14.8 / 15, iPadOS 14.8 / 15, watchOS 8, and tvOS 15. The A...
CVE-2021-30927
CVE-2021-30927 is a use-after-free memory vulnerability in Apple platforms that is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, and watchOS 8.3. The issue may allow an application to execute arbitrary code with kernel ...
CVE-2021-30926
CVE-2021-30926 is a memory corruption issue in ICC profile processing that could lead to arbitrary code execution when handling a malicious image. Apple attributes the root cause to improper input validation during ICC profile processing, and fixes were released in macOS Monterey 12.1 and corresp...
CVE-2021-30926
Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2021-30925
The issue was addressed with improved permissions logic. This issue is fixed in watchOS 8, macOS Big Sur 11.6, iOS 15 and iPadOS 15. A malicious application may be able to bypass Privacy preferences...