) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:iphone_os:11.1.2
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-30841 |
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution. Published: October 19, 2021; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2021-30838 |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to execute arbitrary code with system privileges on devices with an Apple Neural Engine. Published: October 19, 2021; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2021-30837 |
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An application may be able to execute arbitrary code with kernel privileges. Published: October 19, 2021; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2021-30835 |
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution. Published: October 19, 2021; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2021-30826 |
A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-30825 |
This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to cause unexpected application termination or arbitrary code execution. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2021-30820 |
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2021-30819 |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2021-30815 |
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to view contacts from the lock screen. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 2.4 LOW V2.0: 2.1 LOW |
| CVE-2021-30811 |
This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-30810 |
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 4.3 MEDIUM V2.0: 2.9 LOW |
| CVE-2021-30807 |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Published: October 19, 2021; 10:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2021-30715 |
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-30714 |
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 6.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2021-30710 |
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potentially disclose memory contents. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
| CVE-2021-30709 |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2021-30708 |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2021-30707 |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2021-30706 |
Processing a maliciously crafted image may lead to disclosure of user information. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. This issue was addressed with improved checks. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2021-30705 |
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted ASTC file may disclose memory contents. Published: September 08, 2021; 11:15:15 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |