Security Vulnerabilities - CVEs Published In October 2021
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to view contacts from the lock screen.
CVSS Score
2.4
EPSS Score
0.0
Published
2021-10-19
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-10-19
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.028
Published
2021-10-19
This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to cause unexpected application termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-10-19
A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-10-19
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-10-19
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-10-19
A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-10-19
A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-10-19
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system.
CVSS Score
8.7
EPSS Score
0.001
Published
2021-10-19