Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30969 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A path handling issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk.
|
|||||
| CVE-2021-30967 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A local attacker may be able to read sensitive information.
|
|||||
| CVE-2021-30966 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.
|
|||||
| CVE-2021-30965 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may be able to cause a denial of service to Endpoint Security clients.
|
|||||
| CVE-2021-30956 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact information.
|
|||||
| CVE-2021-30950 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.
|
|||||
| CVE-2021-30946 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.
|
|||||
| CVE-2021-30945 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local attacker may be able to elevate their privileges.
|
|||||
| CVE-2021-30944 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious app may be able to access data from other apps by enabling additional logging.
|
|||||
| CVE-2021-30938 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.6 MEDIUM | 7.7 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A local user may be able to cause unexpected system termination or read kernel memory.
|
|||||
| CVE-2021-30935 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
|
A logic issue was addressed with improved validation. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2021-30932 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access contacts from the lock screen.
|
|||||
| CVE-2021-30931 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. A malicious application may be able to disclose kernel memory.
|
|||||
| CVE-2021-30930 | 1 Apple | 1 Macos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. An attacker may be able to track users through their IP address.
|
|||||
| CVE-2021-30924 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.
|
|||||
| CVE-2021-30918 | 1 Apple | 4 Ipad Os, Ipados, Iphone Os and 1 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
A Lock Screen issue was addressed with improved state management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.0.1 and iPadOS 15.0.1. A user may be able to view restricted content from the Lock Screen.
|
|||||
| CVE-2021-30915 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine characteristics of a user's password in a secure text entry field.
|
|||||
| CVE-2021-30913 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables.
|
|||||
| CVE-2021-30908 | 1 Apple | 1 Macos | 2024-11-21 | 1.9 LOW | 3.3 LOW |
|
An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen.
|
|||||
| CVE-2021-30906 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. A local attacker may be able to elevate their privileges.
|
|||||
| CVE-2021-30903 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2021-30898 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An access issue was addressed with additional sandbox restrictions on third party applications. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access some of the user's Apple ID information, or recent in-app search terms.
|
|||||
| CVE-2021-30897 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin.
|
|||||
| CVE-2021-30896 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.
|
|||||
| CVE-2021-30895 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to access information about a user's contacts.
|
|||||
| CVE-2021-30887 | 3 Apple, Debian, Fedoraproject | 7 Ipados, Iphone Os, Macos and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.
|
|||||
| CVE-2021-30884 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
|
The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.
|
|||||
| CVE-2021-30882 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call.
|
|||||
| CVE-2021-30875 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen.
|
|||||
| CVE-2021-30873 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to elevate privileges.
|
|||||
| CVE-2021-30871 | 1 Apple | 3 Iphone Os, Macos, Watchos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
This issue was addressed with a new entitlement. This issue is fixed in iOS 14.7, watchOS 7.6, macOS Big Sur 11.5. A local attacker may be able to access analytics data.
|
|||||
| CVE-2021-30870 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. Previewing an html file attached to a note may unexpectedly contact remote servers.
|
|||||
| CVE-2021-30866 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.
|
|||||
| CVE-2021-30864 | 1 Apple | 1 Macos | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A sandboxed process may be able to circumvent sandbox restrictions.
|
|||||
| CVE-2021-30863 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
|
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID.
|
|||||
| CVE-2021-30861 | 1 Apple | 2 Macos, Safari | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may bypass Gatekeeper checks.
|
|||||
| CVE-2021-30854 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
|
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.
|
|||||
| CVE-2021-30847 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.
|
|||||
| CVE-2021-30843 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
|||||
| CVE-2021-30842 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
|||||