Apple

iPadOS

1635 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-30866

  • EPSS 0.1%
  • Published 24.08.2021 19:15:14
  • Last modified 21.11.2024 06:04:52

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.

5.5

CVE-2021-30867

  • EPSS 0.17%
  • Published 24.08.2021 19:15:14
  • Last modified 21.11.2024 06:04:52

The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.

8.8

CVE-2021-30851

  • EPSS 0.77%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

8.8

CVE-2021-30852

  • EPSS 0.71%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.6

CVE-2021-30854

  • EPSS 0.28%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.

6.5

CVE-2021-36976

  • EPSS 0.11%
  • Published 20.07.2021 07:15:07
  • Last modified 21.11.2024 06:14:25

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

9.8

CVE-2020-36328

  • EPSS 0.57%
  • Published 21.05.2021 17:15:08
  • Last modified 21.11.2024 05:29:17

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity ...

9.8

CVE-2020-36329

  • EPSS 0.55%
  • Published 21.05.2021 17:15:08
  • Last modified 21.11.2024 05:29:17

A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.1

CVE-2020-36330

  • EPSS 0.16%
  • Published 21.05.2021 17:15:08
  • Last modified 21.11.2024 05:29:18

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.

9.1

CVE-2020-36331

  • EPSS 0.19%
  • Published 21.05.2021 17:15:08
  • Last modified 21.11.2024 05:29:18

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.