Product:

Iphone_os

(Apple)
Date Id Summary Products Score Patch Annotated
2021-10-28 CVE-2021-30808 This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system. Ipados, Iphone_os, Macos, Tvos, Watchos 5.5
2021-10-28 CVE-2021-30809 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. Ipados, Iphone_os, Macos, Safari, Tvos, Watchos 8.8
2021-10-28 CVE-2021-30814 A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution. Ipados, Iphone_os, Macos, Tvos, Watchos 7.8
2021-10-28 CVE-2021-30818 A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. Ipados, Iphone_os, Macos, Safari, Tvos, Watchos 8.8
2021-10-28 CVE-2021-30831 An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory. Ipados, Iphone_os, Macos, Tvos, Watchos 5.5
2021-10-28 CVE-2021-30836 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. Ipados, Iphone_os, Macos, Safari, Tvos, Watchos 5.5
2021-10-28 CVE-2021-30840 This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution. Ipados, Iphone_os, Macos, Tvos, Watchos 7.8
2008-09-12 CVE-2008-3529 Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Libxml2 N/A
2009-11-13 CVE-2009-2816 The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. Iphone_os, Safari, Fedora, Chrome, Opensuse N/A
2021-10-19 CVE-2021-30819 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents. Ipados, Iphone_os 5.5