2021-10-28
|
CVE-2021-30840
|
This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
Ipados, Iphone_os, Macos, Tvos, Watchos
|
7.8
|
|
|
2021-10-19
|
CVE-2021-30841
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos
|
7.8
|
|
|
2021-10-19
|
CVE-2021-30842
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos
|
7.8
|
|
|
2021-10-19
|
CVE-2021-30843
|
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.
|
Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos
|
7.8
|
|
|
2019-08-14
|
CVE-2019-9506
|
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
|
Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Android, Alp\-Al00b_firmware, Ares\-Al00b_firmware, Ares\-Al10d_firmware, Ares\-Tl00c_firmware, Asoka\-Al00ax_firmware, Atomu\-L33_firmware, Atomu\-L41_firmware, Atomu\-L42_firmware, Barca\-Al00_firmware, Berkeley\-Al20_firmware, Berkeley\-L09_firmware, Berkeley\-Tl10_firmware, Bla\-Al00b_firmware, Bla\-L29c_firmware, Bla\-Tl00b_firmware, Cairogo\-L22_firmware, Charlotte\-L29c_firmware, Columbia\-Al10b_firmware, Columbia\-Al10i_firmware, Columbia\-L29d_firmware, Columbia\-Tl00d_firmware, Cornell\-Al00a_firmware, Cornell\-Al00i_firmware, Cornell\-Al00ind_firmware, Cornell\-Al10ind_firmware, Cornell\-L29a_firmware, Cornell\-Tl10b_firmware, Dubai\-Al00a_firmware, Dura\-Al00a_firmware, Dura\-Tl00a_firmware, Emily\-L29c_firmware, Ever\-L29b_firmware, Figo\-L23_firmware, Figo\-L31_firmware, Figo\-Tl10b_firmware, Florida\-Al20b_firmware, Florida\-L21_firmware, Florida\-L22_firmware, Florida\-L23_firmware, Florida\-Tl10b_firmware, Harry\-Al00c_firmware, Harry\-Al10b_firmware, Harry\-Tl00c_firmware, Hima\-L29c_firmware, Honor_10_lite_firmware, Honor_20_firmware, Honor_20_pro_firmware, Honor_8a_firmware, Honor_8x_firmware, Honor_view_10_firmware, Honor_view_20_firmware, Imanager_neteco_6000_firmware, Imanager_neteco_firmware, Jakarta\-Al00a_firmware, Johnson\-Tl00d_firmware, Johnson\-Tl00f_firmware, Katyusha\-Al00a_firmware, Laya\-Al00ep_firmware, Leland\-L21a_firmware, Leland\-L31a_firmware, Leland\-L32a_firmware, Leland\-L32c_firmware, Leland\-L42a_firmware, Leland\-L42c_firmware, Leland\-Tl10b_firmware, Leland\-Tl10c_firmware, Lelandp\-Al00c_firmware, Lelandp\-Al10b_firmware, Lelandp\-Al10d_firmware, Lelandp\-L22a_firmware, Lelandp\-L22c_firmware, Lelandp\-L22d_firmware, London\-Al40ind_firmware, Madrid\-Al00a_firmware, Madrid\-Tl00a_firmware, Mate_20_firmware, Mate_20_pro_firmware, Mate_20_x_firmware, Neo\-Al00d_firmware, Nova_3_firmware, Nova_4_firmware, Nova_5_firmware, Nova_5i_pro_firmware, Nova_lite_3_firmware, P20_firmware, P20_pro_firmware, P30_firmware, P30_pro_firmware, P_smart_2019_firmware, P_smart_firmware, Paris\-Al00ic_firmware, Paris\-L21b_firmware, Paris\-L21meb_firmware, Paris\-L29b_firmware, Potter\-Al00c_firmware, Potter\-Al10a_firmware, Princeton\-Al10b_firmware, Princeton\-Al10d_firmware, Princeton\-Tl10c_firmware, Sydney\-Al00_firmware, Sydney\-L21_firmware, Sydney\-L21br_firmware, Sydney\-L22_firmware, Sydney\-L22br_firmware, Sydney\-Tl00_firmware, Sydneym\-Al00_firmware, Sydneym\-L01_firmware, Sydneym\-L03_firmware, Sydneym\-L21_firmware, Sydneym\-L22_firmware, Sydneym\-L23_firmware, Tony\-Al00b_firmware, Tony\-Tl00b_firmware, Y5_2018_firmware, Y5_lite_firmware, Y6_2019_firmware, Y6_prime_2018_firmware, Y6_pro_2019_firmware, Y7_2019_firmware, Y9_2019_firmware, Yale\-Al00a_firmware, Yale\-Al50a_firmware, Yale\-L21a_firmware, Yale\-L61c_firmware, Yale\-Tl00b_firmware, Yalep\-Al10b_firmware, Leap, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_eus, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_tus, Mrg_realtime, Virtualization_host_eus
|
8.1
|
|
|
2021-09-08
|
CVE-2021-30677
|
This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox.
|
Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos
|
8.8
|
|
|
2021-10-19
|
CVE-2021-30810
|
An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.
|
Ipados, Iphone_os, Tvos, Watchos
|
4.3
|
|
|
2021-10-28
|
CVE-2021-1821
|
A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.
|
Macos, Watchos
|
6.5
|
|
|
2021-09-08
|
CVE-2021-1814
|
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, watchOS 7.4. Processing a maliciously crafted image may lead to arbitrary code execution.
|
Macos, Watchos
|
7.8
|
|
|
2021-09-08
|
CVE-2021-1816
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to execute arbitrary code with kernel privileges.
|
Ipados, Iphone_os, Tvos, Watchos
|
7.8
|
|
|