Apple Ios 14.4 And Ipados vulnerabilities

CVE-2021-1753 [HIGH] CVE-2021-1753: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1753 Component: Model I/O Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-1781 [MEDIUM] CVE-2021-1781: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1781 Component: Messages Impact: A malicious application may be able to leak sensitive user information Description: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.

CVE-2021-1801 [MEDIUM] CVE-2021-1801: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1801 Component: WebKit Impact: Maliciously crafted web content may violate iframe sandboxing policy Description: This issue was addressed with improved iframe sandbox enforcement.

CVE-2021-1786 [MEDIUM] CVE-2021-1786: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1786 Component: Crash Reporter Impact: A local user may be able to create or modify system files Description: A logic issue was addressed with improved state management.

CVE-2021-1760 [MEDIUM] CVE-2021-1760: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1760 Component: CoreAnimation Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed with improved state management.

CVE-2021-1797 [MEDIUM] CVE-2021-1797: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1797 Component: APFS Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic.

CVE-2021-1766 [MEDIUM] CVE-2021-1766: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1766 Component: ImageIO Impact: Processing a maliciously crafted image may lead to a denial of service Description: This issue was addressed with improved checks.

CVE-2021-1769 [MEDIUM] CVE-2021-1769: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1769 Component: Swift Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved validation.

CVE-2021-1780 [MEDIUM] CVE-2021-1780: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1780 Component: Bluetooth Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A memory initialization issue was addressed with improved memory handling.

CVE-2021-1773 [MEDIUM] CVE-2021-1773: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1773 Component: ImageIO Impact: Processing a maliciously crafted image may lead to a denial of service Description: A logic issue was addressed with improved state management.

CVE-2021-1778 [MEDIUM] CVE-2021-1778: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1778 Component: ImageIO Impact: Processing a maliciously crafted image may lead to a denial of service Description: An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking.

CVE-2021-1791 [MEDIUM] CVE-2021-1791: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1791 Component: FairPlay Impact: A malicious application may be able to disclose kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.

CVE-2021-1799 [MEDIUM] CVE-2021-1799: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1799 Component: WebRTC Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed with additional port validation.

CVE-2021-1756 [LOW] CVE-2021-1756: iOS 14.4 and iPadOS 14.4 Apple Security Update: About the security content of iOS 14.4 and iPadOS 14.4 Product: iOS 14.4 and iPadOS Version: 14.4 CVE: CVE-2021-1756 Component: Phone Keypad Impact: An attacker with physical access to a device may be able to see private contact information Description: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.