iOS and iPadOS
by Apple Inc.
CVEs (919)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-30867 | 0.00 | — | 0.01 | Aug 24, 2021 | The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos. | |||
| CVE-2021-30866 | 0.00 | — | 0.01 | Aug 24, 2021 | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address. | |||
| CVE-2021-30863 | 0.00 | — | 0.00 | Aug 24, 2021 | This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID. | |||
| CVE-2021-30854 | 0.00 | — | 0.01 | Aug 24, 2021 | A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions. | |||
| CVE-2021-30852 | 0.00 | — | 0.01 | Aug 24, 2021 | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. | |||
| CVE-2021-30851 | 0.00 | — | 0.02 | Aug 24, 2021 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. | |||
| CVE-2021-1753 | 0.00 | — | 0.01 | Apr 2, 2021 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||
| CVE-2021-1761 | 0.00 | — | 0.02 | Apr 2, 2021 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service. | |||
| CVE-2021-1818 | 0.00 | — | 0.03 | Apr 2, 2021 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected… | |||
| CVE-2021-1801 | 0.00 | — | 0.02 | Apr 2, 2021 | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe… | |||
| CVE-2021-1799 | 0.00 | — | 0.02 | Apr 2, 2021 | A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able… | |||
| CVE-2021-1797 | 0.00 | — | 0.00 | Apr 2, 2021 | The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files. | |||
| CVE-2021-1796 | 0.00 | — | 0.02 | Apr 2, 2021 | An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||
| CVE-2021-1793 | 0.00 | — | 0.01 | Apr 2, 2021 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code… | |||
| CVE-2021-1795 | 0.00 | — | 0.02 | Apr 2, 2021 | An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||
| CVE-2021-1794 | 0.00 | — | 0.02 | Apr 2, 2021 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. | |||
| CVE-2021-1791 | 0.00 | — | 0.01 | Apr 2, 2021 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and… | |||
| CVE-2021-1792 | 0.00 | — | 0.02 | Apr 2, 2021 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary… | |||
| CVE-2021-1788 | 0.00 | — | 0.02 | Apr 2, 2021 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted… | |||
| CVE-2021-1787 | 0.00 | — | 0.00 | Apr 2, 2021 | Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges. |
- CVE-2021-30867Aug 24, 2021risk 0.00cvss —epss 0.01
The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.
- CVE-2021-30866Aug 24, 2021risk 0.00cvss —epss 0.01
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.
- CVE-2021-30863Aug 24, 2021risk 0.00cvss —epss 0.00
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID.
- CVE-2021-30854Aug 24, 2021risk 0.00cvss —epss 0.01
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.
- CVE-2021-30852Aug 24, 2021risk 0.00cvss —epss 0.01
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2021-30851Aug 24, 2021risk 0.00cvss —epss 0.02
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.
- CVE-2021-1753Apr 2, 2021risk 0.00cvss —epss 0.01
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.
- CVE-2021-1761Apr 2, 2021risk 0.00cvss —epss 0.02
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.
- CVE-2021-1818Apr 2, 2021risk 0.00cvss —epss 0.03
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected…
- CVE-2021-1801Apr 2, 2021risk 0.00cvss —epss 0.02
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe…
- CVE-2021-1799Apr 2, 2021risk 0.00cvss —epss 0.02
A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able…
- CVE-2021-1797Apr 2, 2021risk 0.00cvss —epss 0.00
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.
- CVE-2021-1796Apr 2, 2021risk 0.00cvss —epss 0.02
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
- CVE-2021-1793Apr 2, 2021risk 0.00cvss —epss 0.01
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code…
- CVE-2021-1795Apr 2, 2021risk 0.00cvss —epss 0.02
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
- CVE-2021-1794Apr 2, 2021risk 0.00cvss —epss 0.02
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.
- CVE-2021-1791Apr 2, 2021risk 0.00cvss —epss 0.01
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and…
- CVE-2021-1792Apr 2, 2021risk 0.00cvss —epss 0.02
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary…
- CVE-2021-1788Apr 2, 2021risk 0.00cvss —epss 0.02
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted…
- CVE-2021-1787Apr 2, 2021risk 0.00cvss —epss 0.00
Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges.
Page 39 of 46