Apple

iPadOS

1714 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-30867

  • EPSS 0.17%
  • Veröffentlicht 24.08.2021 19:15:14
  • Zuletzt bearbeitet 21.11.2024 06:04:52

The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.

8.8

CVE-2021-30851

  • EPSS 0.71%
  • Veröffentlicht 24.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 06:04:50

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

8.8

CVE-2021-30852

  • EPSS 0.71%
  • Veröffentlicht 24.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 06:04:50

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.6

CVE-2021-30854

  • EPSS 0.28%
  • Veröffentlicht 24.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 06:04:50

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.

6.5

CVE-2021-36976

  • EPSS 0.1%
  • Veröffentlicht 20.07.2021 07:15:07
  • Zuletzt bearbeitet 03.11.2025 22:15:49

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

9.8

CVE-2020-36328

  • EPSS 0.53%
  • Veröffentlicht 21.05.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:17

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity ...

9.8

CVE-2020-36329

  • EPSS 0.5%
  • Veröffentlicht 21.05.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:17

A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.1

CVE-2020-36330

  • EPSS 0.16%
  • Veröffentlicht 21.05.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:18

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.

9.1

CVE-2020-36331

  • EPSS 0.19%
  • Veröffentlicht 21.05.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:18

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.

8.8

CVE-2021-1844

  • EPSS 1.09%
  • Veröffentlicht 02.04.2021 19:15:20
  • Zuletzt bearbeitet 21.11.2024 05:45:13

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content...