Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5

Related Vulnerabilities: CVE-2021-1835   CVE-2021-1837   CVE-2021-1867   CVE-2021-1849   CVE-2021-1836   CVE-2021-1808   CVE-2021-1857   CVE-2021-1846   CVE-2021-1809   CVE-2021-30659   CVE-2021-1811   CVE-2021-1872   CVE-2021-1881   CVE-2021-1882   CVE-2021-1813   CVE-2021-30656   CVE-2021-1883   CVE-2021-1884   CVE-2021-1885   CVE-2021-30653   CVE-2021-1843   CVE-2021-1858   CVE-2021-1864   CVE-2021-1877   CVE-2021-1852   CVE-2021-1830   CVE-2021-1874   CVE-2021-1851   CVE-2021-1860   CVE-2021-1816   CVE-2021-1832   CVE-2021-30660   CVE-2021-30652   CVE-2021-1875   CVE-2021-1822   CVE-2021-1865   CVE-2021-1815   CVE-2021-1739   CVE-2021-1740   CVE-2021-1807   CVE-2021-1831   CVE-2021-1868   CVE-2021-1854   CVE-2021-1848   CVE-2021-1825   CVE-2021-1817   CVE-2021-1826   CVE-2021-1820   CVE-2021-30661   CVE-2020-7463  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="48"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#49">By Date</a>
<a href="50"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="48"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#49">By Thread</a>
<a href="50"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>

</div>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->


<em>From</em>: Apple Product Security via Fulldisclosure &lt;fulldisclosure () seclists org&gt;


<em>Date</em>: Mon, 26 Apr 2021 15:51:30 -0700


<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5

iOS 14.5 and iPadOS 14.5 addresses the following issues.
Information about the security content is also available at
<a rel="nofollow" href="https://support.apple.com/HT212317">https://support.apple.com/HT212317</a>.

Accessibility
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A person with physical access to an iOS device may be able to
access notes from the lock screen
Description: This issue was addressed with improved checks.
CVE-2021-1835: videosdebarraquito

App Store
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An attacker in a privileged network position may be able to
alter network traffic
Description: A certificate validation issue was addressed.
CVE-2021-1837: Aapo Oksman of Nixu Cybersecurity

Apple Neural Engine
Available for: iPhone 8 and later, iPad Pro (3rd generation) and
later, and iPad Air (3rd generation) and later
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1867: Zuozhi Fan (@pattern_F_) and Wish Wu (吴潍浠) of Ant
Group Tianqiong Security Lab

AppleMobileFileIntegrity
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to bypass Privacy
preferences
Description: An issue in code signature validation was addressed with
improved checks.
CVE-2021-1849: Siguza

Assets
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to create or modify privileged files
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1836: an anonymous researcher

Audio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab

CFNetwork
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1857: an anonymous researcher

CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted audio file may disclose
restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab

CoreAudio
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab

CoreFoundation
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to leak sensitive user
information
Description: A validation issue was addressed with improved logic.
CVE-2021-30659: Thijs Alkemade of Computest

CoreText
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: A logic issue was addressed with improved state
management.
CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab

FaceTime
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Muting a CallKit call while ringing may not result in mute
being enabled
Description: A logic issue was addressed with improved state
management.
CVE-2021-1872: Siraj Zaneer of Facebook

FontParser
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security
Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi
(@hjy79425575) of Qihoo 360

Foundation
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1882: Gabe Kirkpatrick (@gabe_k)

Foundation
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2021-1813: Cees Elzinga

GPU Drivers
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: An access issue was addressed with improved memory
management.
CVE-2021-30656: Justin Sherman of University of Maryland, Baltimore
County

Heimdal
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted server messages may lead to
heap corruption
Description: This issue was addressed with improved checks.
CVE-2021-1883: Gabe Kirkpatrick (@gabe_k)

Heimdal
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A remote attacker may be able to cause a denial of service
Description: A race condition was addressed with improved locking.
CVE-2021-1884: Gabe Kirkpatrick (@gabe_k)

ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1885: CFF of Topsec Alpha Team

ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30653: Ye Zhang of Baidu Security
CVE-2021-1843: Ye Zhang of Baidu Security

ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-1858: Mickey Jin of Trend Micro

iTunes Store
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An attacker with JavaScript execution may be able to execute
arbitrary code
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1864: CodeColorist of Ant-Financial LightYear Labs

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1877: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
CVE-2021-1852: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
CVE-2021-1830: Tielei Wang of Pangu Lab

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1874: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
CVE-2021-1851: @0xalsr

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to disclose kernel memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1860: @0xalsr

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-1816: Tielei Wang of Pangu Lab

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Copied files may not have the expected file permissions
Description: The issue was addressed with improved permissions logic.
CVE-2021-1832: an anonymous researcher

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30660: Alex Plaskett

libxpc
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A malicious application may be able to gain root privileges
Description: A race condition was addressed with additional
validation.
CVE-2021-30652: James Hutchins

libxslt
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: A double free issue was addressed with improved memory
management.
CVE-2021-1875: Found by OSS-Fuzz

MobileInstallation
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to modify protected parts of the
file system
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1822: Bruno Virlet of The Grizzly Labs

Password Manager
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A user's password may be visible on screen
Description: An issue obscuring passwords in screenshots was
addressed with improved logic.
CVE-2021-1865: Shibin B Shaji of UST

Preferences
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to modify protected parts of the
file system
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
CVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)

Safari
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to write arbitrary files
Description: A validation issue was addressed with improved input
sanitization.
CVE-2021-1807: David Schütz (@xdavidhu)

Shortcuts
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may allow shortcuts to access restricted files
Description: The issue was addressed with improved permissions logic.
CVE-2021-1831: Bouke van der Bijl

Tailspin
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local attacker may be able to elevate their privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1868: Tim Michaud of Zoom Communications

Telephony
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A legacy cellular network can automatically answer an
incoming call when an ongoing call ends or drops. 
Description: A call termination issue with was addressed with
improved logic.
CVE-2021-1854: Steven Thorne of Cspire

Wallet
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A local user may be able to view sensitive information in the
app switcher
Description: The issue was addressed with improved UI handling.
CVE-2021-1848: Bradley D’Amato of ActionIQ

WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-1825: Alex Camboe of Aon’s Cyber Solutions

WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-1817: an anonymous researcher

WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1826: an anonymous researcher

WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1820: an anonymous researcher

WebKit Storage
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30661: yangkang(@dnpushme) of 360 ATA

WebRTC
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-7463: Megan2013678

Installation note:

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from <a rel="nofollow" href="https://www.apple.com/itunes/">https://www.apple.com/itunes/</a>

iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About
* The version after applying this update will be "14.5"

Information will also be posted to the Apple Security Updates
web site: <a rel="nofollow" href="https://support.apple.com/kb/HT201222">https://support.apple.com/kb/HT201222</a>

This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHOzAACgkQZcsbuWJ6
jjAaUw/+LVyzY07R4wF0TVOLZ1Svkt/cfR69bliLBa+IN5qIzkeTkdnCWVsvWPem
F21wTHb9Z/GH8XVakyUwVwE2NAIw0X8iQcM3Z+fwCdNSwuQuItsWH4BS29JT7COA
23X3KxDtI0WwB3uYAB6VuotYSRR9DakU9jaPEfJw8lnmbV8CMxn33lPxy/PH2IHq
z37xC6wIGiEjZKiWyMa4MY5CXWitceljB1NLYO6+o7AcyHtLZggIoka+Z3kfHIym
Bgj0tRnMULdZJx7zTPGKCHVUkQ564+Gmfji6ZjR+U+3JmjupkcM/j61a/2Bx6m/R
3l9XWs6eut+6FDYZUzmn5VPbDDvEGzw4r8cHY6n4iHjuoIOU1pbi1r1GlyVMN3F0
osw2+kkCKgUEtZjqZCp1jcZJZ0LYKQDQmQc5PWkMPAiIfLtAJ5PPSPOcpPwtXdNv
ymPeaP7HCR35qCzY/zM8NVUNtPeWDRG/BjHpwwY7GZsv8oltzF1GgGVjo7v9kASg
w4Fkq9UTTfHi1lA76vx8//hVkBvaZUlKwv+IWwObiUx8X3YtkxlGUKJpirSL4JeD
ne52T7f3Ob1lf9QJCSzPDE7US8dkh3UgSRKGHeiDTNOiP2qG5DUEswUCiIKSbL36
FepQeQ087BUYLyw3VLl1K/yM8dNwpq/RbFSv/BJaoUu5ZEaUaGs=
=7c10
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives &amp; RSS: <a rel="nofollow" href="http://seclists.org/fulldisclosure/">http://seclists.org/fulldisclosure/</a></pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="48"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#49">By Date</a>
<a href="50"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="48"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#49">By Thread</a>
<a href="50"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5</strong> <em>Apple Product Security via Fulldisclosure (Apr 27)</em>
</li></ul>


<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started