Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.

googleprojectzero 2

osv 3

slackware 1

githubexploit 1

malwarebytes 2

nessus 5

thn 6

openvas 5

cvelist 2

threatpost 2

prion 2

nvd 2

attackerkb 2

cve 2

fedora 2

alpinelinux 1

qualysblog 4

gentoo 1

apple 5

cisa 1

hivepro 1

redhatcve 1

ubuntucve 1

altlinux 1

krebs 1

avleonov 1

googleprojectzero

A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution

2021-12-15 00:00:00

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

osv

CVE-2021-30860

2021-08-24 19:15:14

CVE-2022-38171

2022-08-22 19:15:11

CVE-2022-38784

2022-08-30 03:15:07

slackware

[slackware-security] poppler

2022-09-01 20:05:47

githubexploit

Exploit for Integer Overflow or Wraparound in Apple Ipados

2021-09-18 22:14:17

malwarebytes

Apple releases emergency update: Patch, but don’t panic

2021-09-14 11:39:39

Update now! Apple patches another privilege escalation bug in iOS and iPadOS

2021-10-12 16:07:53

nessus

Slackware Linux 15.0 / current poppler Vulnerability (SSA:2022-244-01)

2022-09-01 00:00:00

GLSA-202209-21 : Poppler: Arbitrary Code Execution

2022-09-29 00:00:00

GLSA-202405-18 : Xpdf: Multiple Vulnerabilities

2024-05-07 00:00:00

thn

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

2021-09-15 11:03:00

Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware

2022-02-04 11:52:00

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware

2021-09-14 04:35:00

openvas

Slackware: Security Advisory (SSA:2022-244-01)

2022-09-02 00:00:00

Fedora: Security Advisory for mingw-poppler (FEDORA-2022-f7b375eae8)

2022-09-23 00:00:00

Fedora: Security Advisory for mingw-poppler (FEDORA-2022-51b27699ce)

2022-09-23 00:00:00

cvelist

CVE-2021-30860

2021-08-24 18:49:25

CVE-2022-38171

2022-04-18 00:00:00

threatpost

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

2021-09-13 22:10:15

Apple Patches 3 More Zero-Days Under Active Attack

2021-09-24 11:29:27

prion

Integer overflow

2021-08-24 19:15:00

Integer overflow

2022-08-22 19:15:00

nvd

CVE-2021-30860

2021-08-24 19:15:14

CVE-2022-38171

2022-08-22 19:15:11

attackerkb

CVE-2021-30860

2021-08-24 00:00:00

CVE-2022-38171

2022-04-19 00:00:00

cve

CVE-2021-30860

2021-08-24 19:15:14

CVE-2022-38171

2022-08-22 19:15:11

fedora

[SECURITY] Fedora 35 Update: mingw-poppler-21.08.0-2.fc35

2022-09-22 01:25:32

[SECURITY] Fedora 36 Update: mingw-poppler-22.01.0-7.fc36

2022-09-22 01:18:10

alpinelinux

CVE-2022-38171

2022-08-22 19:15:11

qualysblog

Detect & Prioritize NSO Pegasus iPhone Spyware Vulnerabilities Using VMDR for Mobile Devices

2021-09-20 14:47:57

NSO Pegasus iPhone Spyware Vulnerabilities Fixed by Apple – Detect & Prioritize Using VMDR for Mobile Devices

2021-09-29 08:28:10

Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices

2021-10-18 07:41:18

gentoo

Poppler: Arbitrary Code Execution

2022-09-29 00:00:00

apple

About the security content of watchOS 7.6.2

2021-09-13 00:00:00

About the security content of iOS 12.5.5

2021-09-23 00:00:00

About the security content of iOS 14.8 and iPadOS 14.8

2021-09-13 00:00:00

cisa

Apple Releases Security Updates to Address CVE-2021-30858 and CVE-2021-30860

2021-09-13 00:00:00

hivepro

Apple fixes the zero-day vulnerabilities exploited by Pegasus spyware named “FORCEDENTRY”

2021-09-16 13:49:19

redhatcve

CVE-2022-38784

2022-09-07 15:49:05

ubuntucve

CVE-2022-38171

2022-08-22 00:00:00

altlinux

Security fix for the ALT Linux 10 package poppler115 version 21.11.0-alt1.p10.1

2023-01-20 00:00:00

krebs

Microsoft Patch Tuesday, September 2021 Edition

2021-09-14 21:00:42

avleonov

Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus

2021-09-18 23:22:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.5%

JSON

Related for CISA-KEV-CVE-2021-30860