CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
Code injection
This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution...
Stack overflow
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted file...
CVE-2021-30662
This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution...
Code injection
This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution...
CVE-2021-30764
Processing a maliciously crafted file may lead to arbitrary code execution. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. This issue was addressed with improved checks...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted file may disclose user information...
CVE-2021-30789
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution...
PT-2021-18961 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 15.1; Apple iPadOS versions prior to 15.1; Apple macOS versions prior to 12.0.1; Apple tvOS versions prior to 15.1; Apple macOS Catalina versions prior to Security Update 2021-007; Apple macOS Big Sur versions prior to...
Out-of-bounds
FATEK Automation FvDesigner, Versions 1.5.88 and prior, is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution...
Moderate: Red Hat Security Advisory: ruby:2.7 security, bug fix, and enhancement update
An update for the ruby:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
About the security content of macOS Big Sur 11.4
This document describes the security content of macOS Big Sur 11.4. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
PT-2021-18830 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.4; Security Update versions prior to 2021-003 Catalina; Security Update versions prior to 2021-004 Mojave; iOS versions prior to 14.6; iPadOS versions prior to 14.6. Description: A memory corruption issue was addressed...
Wordpress WP Super Edit 2.5.4 Plugin - Remote File Upload Vulnerability
Title: Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload; Author: h4shur; Vendor Homepage: https://wordpress.org; Software Link: https://wordpress.org/plugins/wp-super-edit/; Version: 2.5.4 and earlier; Tested on: Windows 10 & Google Chrome; Category: Web Application Bugs; Dork:...
Apple watchOS Resource Management Error Vulnerability
Apple watchOS is an operating system for smartwatches from Apple. A resource management error vulnerability exists in watchOS, which stems from a double error when processing files in the libxslt library. The following products and versions are affected: watchOS: 7.0 18R382, 7.0.1 18R395, 7.0.2...
CVE-2020-27948
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to...
CVE-2020-27948
The CVE-2020-27948 entry concerns an out-of-bounds write vulnerability in CoreAudio that could allow arbitrary code execution when processing a malicious audio file. Affected Apple platforms and releases include watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2...
CVE-2021-3478
CVE-2021-3478 affects OpenEXR’s scanline input file handling. A crafted file processed by OpenEXR can cause excessive memory usage, with the greatest impact on availability. Multiple connected sources corroborate a memory-denial threat vector in OpenEXR before 3.0.0-beta. Debian LTS advisories sh...
USN-4831-1 libopenmpt vulnerabilities
It was discovered that OpenMPT incorrectly handled certain files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact...