Iphone Os Security Vulnerabilities and Issues — Iphone Os CVE List

Lucene search

AppleIphone Os

29 matches found

CVE•added 2021/10/19 2:15 p.m.•1081 views

CVE-2021-30807

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been acti...

9.3CVSS8AI score0.20311EPSS

In wild

CVE•added 2021/10/28 7:15 p.m.•648 views

CVE-2021-30836

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS5.8AI score0.00238EPSS

CVE•added 2021/10/19 2:15 p.m.•298 views

CVE-2021-30849

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.5AI score0.00651EPSS

CVE•added 2021/10/19 2:15 p.m.•217 views

CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00874EPSS

CVE•added 2021/10/28 7:15 p.m.•197 views

CVE-2021-30818

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00441EPSS

CVE•added 2021/10/28 7:15 p.m.•186 views

CVE-2021-30809

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00777EPSS

CVE•added 2021/10/28 7:15 p.m.•186 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.

6.5CVSS6AI score0.00502EPSS

CVE•added 2021/10/19 2:15 p.m.•179 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00898EPSS

CVE•added 2021/10/19 2:15 p.m.•104 views

CVE-2021-30835

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.9AI score0.00402EPSS

CVE•added 2021/10/19 2:15 p.m.•100 views

CVE-2021-30843

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/19 2:15 p.m.•96 views

CVE-2021-30847

This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00402EPSS

CVE•added 2021/10/28 7:15 p.m.•90 views

CVE-2021-30831

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.

5.5CVSS5.6AI score0.00244EPSS

CVE•added 2021/10/19 2:15 p.m.•89 views

CVE-2021-30841

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/19 2:15 p.m.•89 views

CVE-2021-30842

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/28 7:15 p.m.•84 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS

CVE•added 2021/10/28 7:15 p.m.•83 views

CVE-2021-30808

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.00289EPSS

CVE•added 2021/10/28 7:15 p.m.•80 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00634EPSS

CVE•added 2021/10/19 2:15 p.m.•78 views

CVE-2021-30820

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.6AI score0.02126EPSS

CVE•added 2021/10/19 2:15 p.m.•77 views

CVE-2021-30811

This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information.

5.5CVSS5.5AI score0.00096EPSS

CVE•added 2021/10/19 2:15 p.m.•76 views

CVE-2021-30825

This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8CVSS7.3AI score0.00073EPSS

CVE•added 2021/10/19 2:15 p.m.•75 views

CVE-2021-30837

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00383EPSS

CVE•added 2021/10/19 2:15 p.m.•73 views

CVE-2021-30810

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

4.3CVSS4.4AI score0.00147EPSS

CVE•added 2021/10/19 2:15 p.m.•68 views

CVE-2021-30826

A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection.

7.5CVSS6.9AI score0.00289EPSS

CVE•added 2021/10/28 7:15 p.m.•67 views

CVE-2021-30840

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.8AI score0.00376EPSS

CVE•added 2021/10/19 2:15 p.m.•66 views

CVE-2021-30819

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.8AI score0.00245EPSS

CVE•added 2021/10/19 2:15 p.m.•64 views

CVE-2021-30838

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to execute arbitrary code with system privileges on devices with an Apple Neural Engine.

9.3CVSS8AI score0.00235EPSS

CVE•added 2021/10/28 7:15 p.m.•61 views

CVE-2021-30816

The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.

2.4CVSS3AI score0.00053EPSS

CVE•added 2021/10/28 7:15 p.m.•60 views

CVE-2020-9897

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00299EPSS

CVE•added 2021/10/19 2:15 p.m.•60 views

CVE-2021-30815

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to view contacts from the lock screen.

2.4CVSS3.1AI score0.00046EPSS