8351 matches found
CVE-2021-30906
CVE-2021-30906 is a local elevation-of-privileges flaw reported in the Apple watchOS/iCloud stack. The vulnerability can be exploited by a local attacker with a simple authentication, leading to higher privileges. The issue is addressed by Apple in their updates for iOS 15.1/iPadOS 15.1 and relat...
CVE-2021-30905
CVE-2021-30905 is an out-of-bounds read vulnerability fixed in Apple OS updates: iOS 15.1 / iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, and macOS Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information. Affected component is title-lis...
CVE-2021-30905
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information...
CVE-2021-30903
CVE-2021-30903 affects Apple iOS/iPadOS (and macOS Monterey 12.0.1). The issue is triggered locally and may cause unexpected termination or arbitrary code execution. Affected component is Continuity Camera on Apple devices. Remediation is via updates: iOS 14.8.1/iPadOS 14.8.1, iOS 15.1/iPadOS 15....
CVE-2021-30903
This issue was addressed with improved checks. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution...
CVE-2021-30902
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution...
CVE-2021-30902
CVE-2021-30902 affects Apple iOS/iPadOS Voice Control on Apple devices. A use-after-free in Voice Control was addressed with improved memory management and is fixed in iOS 14.8.1/iPadOS 14.8.1 and iOS 15.1/iPadOS 15.1. Local attackers may cause unexpected app termination or arbitrary code executi...
CVE-2021-30900
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30900
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30900
CVE-2021-30900 affects Apple’s GPU Drivers in iOS/iPadOS (Smartphone OS); root cause is an out-of-bounds write leading to memory corruption. Impact: potential arbitrary code execution with kernel privileges, exploitable locally. Apple fixes were released in iOS 14.8.1 / iPadOS 14.8.1 and iOS 15.1...
CVE-2021-30898
CVE-2021-30898 (Apple iOS/iPadOS 15) describes an access issue fixed by additional sandbox restrictions on third‑party applications. A malicious app could access some of the user’s Apple ID information or recent in‑app search terms. Affects devices running iOS/iPadOS up to pre‑15, with the fix im...
CVE-2021-30896
CVE-2021-30896 is a logic-issue vulnerability in Apple’s Game Center that could allow a malicious app to read a user’s gameplay data. The initial entry states a logic issue addressed with improved restrictions and lists affected platforms as iOS/iPadOS 15.0.x, tvOS 15.x, watchOS 8.x, and macOS Mo...
CVE-2021-30896
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data...
CVE-2021-30894
CVE-2021-30894 affects Apple devices (iOS/iPadOS/tvOS) in the Image Processing component. It describes a memory corruption issue that could allow an attacker to execute arbitrary code with kernel privileges. The exploitation is described as local, requiring authentication, with fixes delivered in...
CVE-2021-30895
CVE-2021-30895 is a logic issue in Apple’s Game Center that could allow a malicious app to access a user’s contacts. The entry lists fixes across multiple Apple platforms: iOS 15.0.2, iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, and macOS Monterey 12.0.1. Connected documentation confirms the vulnerabil...
CVE-2021-30894
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges...
CVE-2021-30895
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to access information about a user's contacts...
CVE-2021-30890
CVE-2021-30890 is a WebKit/WebKitGTK/WebKitGTK-derived vulnerability described as a logic/state issue where processing maliciously crafted web content may lead to universal cross-site scripting. Public mentions appear in multiple connected advisories: Debian DSA-5030-1 (webkit2gtk) and DSA-5031-1...
CVE-2021-30890
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting...
CVE-2021-30890
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting...