Lucene search
K

8351 matches found

CVE
CVE
added 2021/08/24 6:49 p.m.231 views

CVE-2021-30889

CVE-2021-30889 : Buffer overflow in WebKitGTK leading to arbitrary code execution when processing malicious web content. Affected product: WebKitGTK/WebKit. Root cause: buffer overflow in WebKitGTK components (WebCore::ImageBufferCairoImageSurfaceBackend::create). Public references in ALAS2 advis...

8.8CVSS7.4AI score0.01932EPSS
Exploits0References5Affected Software5
AlpineLinux
AlpineLinux
added 2021/08/24 6:49 p.m.91 views

CVE-2021-30889

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.8AI score0.01932EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/08/24 6:49 p.m.36 views

CVE-2021-30889

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS2.7AI score0.01932EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.17 views

CVE-2021-30888

An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior...

7.1AI score0.01743EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2021/08/24 6:49 p.m.41 views

CVE-2021-30888

An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior...

7.4CVSS7.1AI score0.01743EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/08/24 6:49 p.m.38 views

CVE-2021-30888

An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior...

7.4CVSS2AI score0.01743EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/08/24 6:49 p.m.38 views

CVE-2021-30887

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy...

6.5CVSS6.7AI score0.01604EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.22 views

CVE-2021-30887

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy...

6.6AI score0.01604EPSS
Exploits0References9
CVE
CVE
added 2021/08/24 6:49 p.m.104 views

CVE-2021-30886

CVE-2021-30886 is a kernel-use-after-free in Apple OS kernels (macOS, iOS/iPadOS, watchOS, tvOS) that could allow a local attacker to execute arbitrary code with kernel privileges. Apple fixes claim improved memory management in the kernel; affected products include macOS Monterey 12.0.1, iOS 15....

9.3CVSS7.6AI score0.0123EPSS
Exploits0References4Affected Software5
AlpineLinux
AlpineLinux
added 2021/08/24 6:49 p.m.36 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history...

4.7CVSS5.9AI score0.01114EPSS
Exploits0
CVE
CVE
added 2021/08/24 6:49 p.m.191 views

CVE-2021-30884

CVE-2021-30884 relates to WebKit-based rendering components (notably WebKitGTK/WebKit on embedded platforms) where an issue in CSS compositing could allow a malicious website to reveal browsing history. The root cause is described as limitations or restrictions on CSS compositing. The vulnerabili...

4.7CVSS5.5AI score0.01114EPSS
Exploits0References5Affected Software5
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.19 views

CVE-2021-30882

A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call...

7.3AI score0.00977EPSS
Exploits0References2
CVE
CVE
added 2021/08/24 6:49 p.m.1096 views

CVE-2021-30883

CVE-2021-30883 is an memory-corruption vulnerability in Apple’s IOMobileFrameBuffer that can allow a malicious app to execute arbitrary code with kernel privileges. Apple patched it across iOS/iPadOS 14.8.1 and 15.0.2, macOS Big Sur 11.6.1 and Monterey 12.0.1, tvOS 15.1, and watchOS 8.1. The Appl...

9.3CVSS7.7AI score0.14721EPSS
In wildExploits0References7Affected Software5
CVE
CVE
added 2021/08/24 6:49 p.m.72 views

CVE-2021-30882

CVE-2021-30882 is a logic-issue vulnerability in Apple's FaceTime access flow. It could allow an app with microphone permission to unexpectedly access microphone input during a FaceTime call. Affected platforms: watchOS 8, iOS 15, and iPadOS 15; fix/mitigation: patches are in those OS versions. I...

7.5CVSS6.9AI score0.00977EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.20 views

CVE-2021-30881

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code...

7.6AI score0.01214EPSS
Exploits0References6
CVE
CVE
added 2021/08/24 6:49 p.m.81 views

CVE-2021-30875

The CVE-2021-30875 issue affects iOS/iPadOS and was reported as a lock-screen vulnerability in which a local attacker could view contacts from the lock screen due to inadequate state management. The Apple documentation for iOS 15.1 and iPadOS 15.1 describes this as a local-elevation/information-d...

3.3CVSS3.2AI score0.00254EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.19 views

CVE-2021-30875

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen...

3.7AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2021/08/24 6:49 p.m.79 views

CVE-2021-30874

CVE-2021-30874 affects Apple iOS/iPadOS 15 where an authorization issue in NetworkExtension could allow a VPN configuration to be installed by an app without user permission. Root cause cited as improved state management; fix implemented in iOS 15 / iPadOS 15. Implication: local apps may cause VP...

7.5CVSS6.8AI score0.00926EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.18 views

CVE-2021-30874

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A VPN configuration may be installed by an app without user permission...

7.2AI score0.00926EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.20 views

CVE-2021-30870

A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. Previewing an html file attached to a note may unexpectedly contact remote servers...

6.1AI score0.00855EPSS
Exploits0References1
Rows per page
Query Builder