We would like to acknowledge Fabian Ising and Damian Poddebniak of Münster University of Applied Sciences for their assistance. We would like to acknowledge Ryan Pickren () for their assistance. Impact: Processing maliciously crafted web content may lead to universal cross site scriptingĬVE-2021-30890: an anonymous researcher Additional recognition Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2021-30889: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab Impact: A malicious website using Content Security Policy reports may be able to leak information via redirect behaviorĭescription: An information leakage issue was addressed.ĬVE-2021-30888: Prakash for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policyĭescription: A logic issue was addressed with improved restrictions.ĬVE-2021-30887: Narendra Bhati of Suma Soft Pvt. Impact: A person with physical access to a device may be able to determine characteristics of a user's password in a secure text entry fieldĭescription: A logic issue was addressed with improved state management.ĬVE-2021-30902: 08Tc3wBB of ZecOps Mobile EDR Team ![]() This issue was addressed with improved state management.ĬVE-2021-30875: Abhay Kailasia of Lakshmi Narain College of Technology Impact: A local attacker may be able to view contacts from the lock screenĭescription: A lock screen issue allowed access to contacts on a locked device. Impact: Processing a maliciously crafted USD file may disclose memory contentsĬVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab ![]() Impact: A remote attacker can cause a device to unexpectedly restartĭescription: A denial of service issue was addressed with improved state handling.ĬVE-2021-30924: Elaman Iskakov of Effective and Alexey Katkov added January 19, 2022ĭescription: A use after free issue was addressed with improved memory management.ĬVE-2021-30886: for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)ĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2021-30910: Mickey Jin of Trend Micro Impact: A local attacker may be able to elevate their privilegesĭescription: This issue was addressed with improved checks.ĬVE-2021-30894: Pan ZhenPeng of Alibaba Security Pandora Lab Impact: An application may be able to execute arbitrary code with kernel privilegesĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2021-30914: Zuozhi Fan of Ant Security TianQiong Lab Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĭescription: An out-of-bounds write issue was addressed with improved bounds checking.ĬVE-2021-30900: Yinyi Wu of Ant Security Light-Year Lab Impact: A malicious application may be able to bypass Privacy preferencesĭescription: A permissions issue was addressed with improved validation.ĬVE-2021-31007: Csaba Fitzl of Offensive Security Impact: Processing a maliciously crafted PDF may lead to arbitrary code executionĭescription: An out-of-bounds write was addressed with improved input validation. Impact: Processing a maliciously crafted file may disclose user informationĭescription: An out-of-bounds read was addressed with improved bounds checking.ĬVE-2021-30905: Mickey Jin of Trend Micro Impact: A local attacker may be able to cause unexpected application termination or arbitrary code executionĭescription: An uncontrolled format string issue was addressed with improved input validation.ĬVE-2021-30903: Gongyu Ma of Hangzhou Dianzi University This issue was addressed with improved input validation.ĬVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue existed in the processing of ICC profiles. ![]() ![]() Impact: A malicious application may be able to elevate privilegesĭescription: An integer overflow was addressed through improved input validation. Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |