102 matches found
CVE-2021-30768
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2021-30768
CVE-2021-30768 is a logic issue: Apple fixed a sandbox-bypass in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, and Security Update 2021-004 Catalina. The vulnerability allows a sandboxed process to circumvent sandbox restrictions, related to input validation in the affected components. Th...
CVE-2021-30854
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...
Code injection
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report tha...
CVE-2021-30854
A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...
macOS 11.x < 11.5 Multiple Vulnerabilities (HT212602)
The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.5. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage...
SUSE: Security Advisory (SUSE-SU-2018:2719-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-27935
Multiple issues were addressed with improved logic. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2020-27901
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2020-10009
CVE-2020-10009 is a macOS Big Sur issue described as a logic problem addressed by improved state management. The fixed version is macOS Big Sur 11.0.1, and the vulnerability could allow a sandboxed process to circumvent sandbox restrictions. The Red Hat/Apple entries corroborate the same descript...
Input validation
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2019-8640
CVE-2019-8640 is a logic issue in macOS components that could allow a sandboxed process to bypass sandbox restrictions. The vulnerability is addressed by patches in macOS Mojave 10.14.5 and Security Update 2019-003 for High Sierra and Sierra. The available sources indicate a fix via improved inpu...
CVE-2020-9898
This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandbox restrictions...
About the security content of watchOS 6.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of iOS 13.4 and iPadOS 13.4
About the security content of iOS 13.4 and iPadOS 13.4 This document describes the security content of iOS 13.4 and iPadOS 13.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
F5 Networks BIG-IP : OpenSSH vulnerability (K62201745)
The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allowlocal users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the...
CVE-2019-11708
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...
CVE-2019-6235
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2019-6235
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions...