Lucene search
K

8351 matches found

CVE
CVE
added 2021/08/24 6:49 p.m.65 views

CVE-2021-30870

CVE-2021-30870 is a logic issue in how Apple iOS/iPadOS handles document loads. The vulnerability stems from handling of loading HTML attachments in notes, with the root cause described as an issue in state management. It is fixed in iOS 15 and iPadOS 15. Affected behavior could allow previewing ...

6.5CVSS5.7AI score0.00855EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.27 views

CVE-2021-30867

The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos...

5.8AI score0.00731EPSS
Exploits0References2
CVE
CVE
added 2021/08/24 6:49 p.m.79 views

CVE-2021-30867

The CVE-2021-30867 issue affects Apple iOS/iPadOS and was addressed in iOS 15 / iPadOS 15. A malicious application could access photo metadata without requiring permission to access photos due to an authentication flaw. Apple states the vulnerability was fixed by improved authentication. Public r...

5.5CVSS5.4AI score0.00731EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2021/08/24 6:49 p.m.96 views

CVE-2021-30866

CVE-2021-30866 is Apple’s privacy issue where broadcast WiFi MAC addresses were removed to prevent passive tracking. It affects tvOS 15, watchOS 8, iOS 15 and iPadOS 15, with the root cause being exposure of a device’s MAC address over a Wi‑Fi broadcast. The fix is the removal of the broadcast MA...

6.5CVSS6.5AI score0.00524EPSS
Exploits0References4Affected Software5
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.17 views

CVE-2021-30863

This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID...

6.5AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 2021/08/24 6:49 p.m.83 views

CVE-2021-30863

CVE-2021-30863 affects devices with Face ID. The issue describes a spoofing risk where a 3D model resembling the enrolled user may authenticate via Face ID. Apple fixed the vulnerability in iOS 15 and iPadOS 15 by improving Face ID anti-spoofing models. Public-facing details in the connected sour...

6.8CVSS6.2AI score0.0027EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.33 views

CVE-2021-30860

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this...

7.8AI score0.75994EPSS
Exploits2References15
CVE
CVE
added 2021/08/24 6:49 p.m.109 views

CVE-2021-30859

CVE-2021-30859 is a Kernel-type confusion vulnerability in Apple products. According to Apple advisories, it could allow a malicious application to execute arbitrary code with kernel/system privileges. The issue was addressed by Apple in macOS Big Sur 11.6 and Security Update 2021-005 Catalina, a...

9.3CVSS7.2AI score0.01152EPSS
Exploits0References3Affected Software4
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.23 views

CVE-2021-30859

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges...

7.4AI score0.01152EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2021/08/24 6:49 p.m.51 views

CVE-2021-30858

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...

8.8CVSS9.1AI score0.13486EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.26 views

CVE-2021-30858

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...

8.8AI score0.13486EPSS
Exploits0References18
CVE
CVE
added 2021/08/24 6:49 p.m.1291 views

CVE-2021-30858

CVE-2021-30858 is a use-after-free in WebKit/WebKitGTK that could lead to arbitrary code execution when processing malicious web content. Apple patched this in iOS 14.8, iPadOS 14.8, and macOS Big Sur 11.6; Chromium/WebKit GTK ecosystems referenced the same vulnerability (WebKit/Gtk port). Some a...

8.8CVSS8.9AI score0.13486EPSS
In wildExploits0References19Affected Software3
Debian CVE
Debian CVE
added 2021/08/24 6:49 p.m.45 views

CVE-2021-30858

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...

8.8CVSS2.8AI score0.13486EPSS
Exploits0
CVE
CVE
added 2021/08/24 6:49 p.m.122 views

CVE-2021-30855

CVE-2021-30855 is an Apple vulnerability in the Preferences component where a validation issue in the handling of symlinks could allow an application to access restricted files. The issue is addressed in Security Update 2021-005 Catalina, iOS 14.8/iPadOS 14.8 and iOS 15/iPadOS 15, watchOS 8, and ...

5.5CVSS5.3AI score0.02405EPSS
Exploits0References6Affected Software6
CVE
CVE
added 2021/08/24 6:49 p.m.115 views

CVE-2021-30852

CVE-2021-30852 is a type-confusion issue in Apple’s Foundation component that can be triggered by processing malicious web content, potentially enabling arbitrary code execution. The vulnerability is addressed via memory-handling fixes and is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8,...

8.8CVSS8.4AI score0.01406EPSS
Exploits0References6Affected Software5
CVE
CVE
added 2021/08/24 6:49 p.m.239 views

CVE-2021-30851

CVE-2021-30851 affects WebKitGTK and WPE WebKit. A memory corruption vulnerability could allow arbitrary code execution when processing malicious web content. Upstream fix is WebKitGTK/WebKit/WPE WebKit 2.34.1; Debian/Arch Linux advisories (DSA-4995/4996, ASA-202110-10) note remediation by upgrad...

8.8CVSS8.5AI score0.02319EPSS
Exploits0References10Affected Software6
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.23 views

CVE-2021-30851

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution...

8.7AI score0.02319EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2021/08/24 6:49 p.m.34 views

CVE-2021-30851

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution...

8.8CVSS2.8AI score0.02319EPSS
Exploits0
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.3 views

Apple macOS 缓冲区错误漏洞

Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. A buffer error vulnerability exists in several Apple products, where a malicious application may be able to execute arbitrary code using kernel privileges. The vulnerability is fixed in the followin...

9.3CVSS8AI score0.01567EPSS
Exploits0References21
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.5 views

Apple tvOS 安全漏洞

Apple tvOS is a set of smart TV operating systems from the American company Apple. A security vulnerability exists in several Apple products that stems from a type confusion issue. An attacker could cause code execution via maliciously crafted web content, which is fixed in iOS 14.8 and iPadOS...

8.8CVSS8.4AI score0.01406EPSS
Exploits0References10
Rows per page
Query Builder