8351 matches found
CVE-2021-30925
CVE-2021-30925 affects Apple platforms (watchOS, macOS Big Sur, iOS, iPadOS) via a sandbox/privacy logic issue where a malicious app could bypass Privacy preferences. Root cause described as improved permissions logic; impact is exposure of restricted data due to bypass. Fixes exist in watchOS 8,...
CVE-2021-30921
CVE-2021-30921 affects Apple iOS 14.5 and iPadOS 14.5. A logic/state-management issue allowed a user's password to be visible onscreen (notably tied to UIKit/UI handling). The vulnerability stems from improved state management; Apple patched in iOS 14.5/iPadOS 14.5. No exploitation details are pr...
CVE-2021-30921
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A user's password may be visible onscreen...
CVE-2021-30919
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead...
CVE-2021-30919
CVE-2021-30919: An out-of-bounds write in processing a maliciously crafted PDF may lead to arbitrary code execution. Affected components relate to Apple platforms including iOS/iPadOS, macOS, tvOS and watchOS. The issue was addressed by input validation improvements and is fixed in iOS 15.1/iPadO...
CVE-2021-30918
CVE-2021-30918 affects Apple iOS/iPadOS lock screen: a flaw in lock-screen state management could allow viewing restricted content. Apple fixed it in iOS 14.8.1/iPadOS 14.8.1 and iOS 15.0.1/iPadOS 15.0.1. The NVD notes a low-severity impact with local access and no authentication required for exp...
CVE-2021-30918
A Lock Screen issue was addressed with improved state management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.0.1 and iPadOS 15.0.1. A user may be able to view restricted content from the Lock Screen...
CVE-2021-30917
CVE-2021-30917 describes a memory corruption issue in the processing of ICC profiles in Apple software. The vulnerability is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, and macOS Big Sur 11.6.1....
CVE-2021-30916
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with...
CVE-2021-30916
CVE-2021-30916 is a memory corruption vulnerability in Apple’s Kernel that could allow a malicious app to execute arbitrary code with kernel privileges. The initial description notes fixes in iOS 15.1/iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1/iPadOS 14.8.1, Security Update 2021-007 Catalina,...
CVE-2021-30915
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine...
CVE-2021-30915
CVE-2021-30915 is a logic issue in iOS/iPadOS security text entry that could allow a person with physical access to determine characteristics of a user’s password in a secure text entry field. Root cause: flawed state management. Impact: potential partial disclosure of password characteristics. A...
CVE-2021-30914
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30914
CVE-2021-30914 affects Apple iOS/iPadOS GPU Drivers. The issue is a memory corruption vulnerability caused by improper input handling, with potential for an application to execute arbitrary code with kernel privileges. Apple confirms the fix in iOS 15.1 and iPadOS 15.1. In the available documents...
CVE-2021-30911
CVE-2021-30911 describes an out-of-bounds read caused by insufficient bounds checking when processing a maliciously crafted USD file. Impact: potentially disclosing memory contents. Affected platforms and fixed versions include macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 an...
CVE-2021-30911
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents...
CVE-2021-30909
CVE-2021-30909 describes a memory corruption issue in Apple’s kernel that could allow an attacker to execute arbitrary code with kernel privileges. The initial document indicates fixes in macOS Monterey 12.0.1 (and Security Update 2021-007 Catalina), iOS 15.1/iPadOS 15.1, iOS 14.8.1/iPadOS 14.8.1...
CVE-2021-30907
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to elevat...
CVE-2021-30907
CVE-2021-30907 is observed in connected documents as an elevation-of-privileges issue affecting Apple watchOS, specifically the Audio component. The vulnerability can be exploited by a malicious application locally, requiring a single authentication step. Initial description notes an integer over...
CVE-2021-30906
This issue was addressed with improved checks. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. A local attacker may be able to elevate their privileges...