JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1882: Gabe Kirkpatrick (@gabe_k) Foundation Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1813: Cees Elzinga Heimdal Available for: macOS Big Sur Impact...
Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: Apple Watch Series 3 and later Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1882: Gabe Kirkpatrick (@gabe_k) Foundation Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed...
a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021...
was addressed with improved input validation. CVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved...
to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group, Zhuo Liang of Qihoo 360 Vulcan Team Associated Domains Available for: macOS Catalina 10.15 Impact: Improper URL processing may lead to data exfiltration Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation. CVE-2019-8788: Juha Lindstedt...
Mail Privacy Protection in iOS 15 and iPadOS 15 hides your IP address, so email senders can’t determine your location or link it to your other online activity. In some cases, Mail isn’t able to download remote content in an email in a private way. This may happen if you’re using a Virtual Private Network (VPN). Mail won’t load this content without your permission and instead notifies you that it's unable to load remote content privately. You can tap Load Content to bypass the warning...
30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 Game Center Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to access information about a user's contacts Description: A logic issue was addressed with improved restrictions. CVE-2021-30895: Denis Tokarev (@illusionofcha0s) Entry updated May 25, 2022 Game Center Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to read user's gameplay data Description...
memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 Game Center Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to access information about a user's contacts Description: A logic issue was addressed with improved restrictions. CVE-2021-30895: Denis Tokarev (@illusionofcha0s) Entry updated May 25, 2022 Game Center Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to read...
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 GPU Drivers Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30900: Yinyi Wu (@3ndy1...
Catalina Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 iCloud Available for: macOS Catalina Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30906: Cees Elzinga Entry added May 25, 2022 Intel Graphics Driver Available...
, iMac (Late 2015 and later), MacBook (Early 2016 and later), iMac Pro (2017 and later) Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 File System Available for: Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac...
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 File System Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2...
instances of the Sampler, use a dedicated hard drive to store samples. Always use a dedicated drive if you use the Virtual Memory option with the Sampler. Format hard disks, flash drives, or other storage devices used with Logic Pro in the APFS or Mac OS Extended (Journaled) format. Learn more about which file system is best for you...
This document describes the security content of QuickTime 7.6.9.
that your device feels warmer when you: Set up your device the first time Restore from a backup Wirelessly charge your device Use graphics-intensive or processor-intensive apps, games, or features, including augmented- reality apps Stream high-quality video These conditions are normal, and your device will return to a regular temperature when the process is complete or when you finish your activity. If your device doesn't display a temperature warning, you can keep using your device., iOS and iPadOS devices...
, 2021 CoreAnimation Available for: Apple Watch Series 3 and later Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed with improved state management. CVE-2021-1760: @S0rryMybad of 360 Vulcan Team Entry added February 1, 2021 CoreAudio Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to code execution Description: An out-of-bounds write...
of symlinks. CVE-2019-8606: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative Kernel Available for: macOS Mojave 10.14.4, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team Entry added July 25, 2019, updated September 17, 2019 Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra...
iOS 12 brings performance improvements and exciting new features to iPhone and iPad. Photos introduces new features to help you rediscover and share the photos in your library, Memoji—a new, more customizable Animoji—make Messages more expressive and fun, Screen Time helps you and your family understand and make the most of the time spent on devices, Siri Shortcuts deliver a faster way to get things done with the ability for any app to work with Siri, augmented reality becomes even more...
and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote attacker may be able to cause arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-30820: Jianjun Dai of Qihoo 360 Alpha Lab Entry added September 20, 2021 CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4...
This document describes the security content of macOS Mojave 10.14.
working with Trend Micro's Zero Day Initiative CoreAnimation Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team CoreAnimation Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to break out of its sandbox Description: A memory initialization issue was addressed...
Released January 28, 2020 Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-3857: Zhuo Liang of Qihoo 360 Vulcan Team FaceTime Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation) Impact...
IOGraphics Available for: macOS Sierra 10.12.4 Impact: An application may be able to gain kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-2545: 360 Security (@mj0011sec) working with Trend Micro's Zero Day Initiative IOSurface Available for: macOS Sierra 10.12.4, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5 Impact: An application may be able to gain kernel privileges Description: A race condition was addressed through improved locking...
was addressed with improved input validation. CVE-2020-27945: Zhuo Liang of Qihoo 360 Vulcan Team Entry added March 16, 2021 CoreAudio Available for: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE...
Apple publishes this article to acknowledge and thank those who reported potential security issues in our web servers. Credit is added after the issue has been identified and addressed....
with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2427: Axis and sss of Qihoo 360 Nirvan Team Bluetooth Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2449: sss and Axis from 360NirvanTeam Carbon Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted...
to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30765: Yinyi Wu (@3ndy1) of Qihoo 360 Vulcan Team, Liu Long of Ant Security Light-Year Lab CVE-2021-30766: Liu Long of Ant Security Light-Year Lab Entry updated January 19, 2022 IOKit Available for: macOS Mojave Impact: A local attacker may be able to execute code on the Apple T2 Security Chip Description: Multiple issues were addressed with improved logic. CVE-2021...
of Ant Security Light-Year Lab CVE-2021-30765: Yinyi Wu (@3ndy1) of Qihoo 360 Vulcan Team, Liu Long of Ant Security Light-Year Lab Entry updated November 18, 2021 IOKit Available for: macOS Big Sur Impact: A local attacker may be able to execute code on the Apple T2 Security Chip Description: Multiple issues were addressed with improved logic. CVE-2021-30784: George Nosenko Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges...
working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30765: Yinyi Wu (@3ndy1) of Qihoo 360 Vulcan Team, Liu Long of Ant Security Light-Year Lab CVE-2021-30766: Liu Long of Ant Security Light-Year Lab Entry updated January 19, 2022 IOKit Available for: macOS Catalina Impact: A local...
This document describes the security content of macOS Catalina 10.15.