Lucene search
K

102 matches found

Cvelist
Cvelist
added 2021/09/08 1:46 p.m.20 views

CVE-2021-30768

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions...

6.1AI score0.01146EPSS
Exploits0References5
CVE
CVE
added 2021/09/08 1:46 p.m.100 views

CVE-2021-30768

CVE-2021-30768 is a logic issue: Apple fixed a sandbox-bypass in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, and Security Update 2021-004 Catalina. The vulnerability allows a sandboxed process to circumvent sandbox restrictions, related to input validation in the affected components. Th...

5.5CVSS5.7AI score0.01146EPSS
Exploits0References5Affected Software5
NVD
NVD
added 2021/08/24 7:15 p.m.18 views

CVE-2021-30854

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...

8.6CVSS0.0127EPSS
Exploits0References3
Prion
Prion
added 2021/08/24 7:15 p.m.20 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...

5CVSS7.3AI score0.0127EPSS
Exploits0References3Affected Software4
Cvelist
Cvelist
added 2021/08/24 6:51 p.m.26 views

CVE-2021-31010

A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report tha...

6.9AI score0.03673EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/08/24 6:49 p.m.20 views

CVE-2021-30854

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions...

7.7AI score0.0127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/07/23 12:0 a.m.61 views

macOS 11.x < 11.5 Multiple Vulnerabilities (HT212602)

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.5. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage...

10CVSS8.2AI score0.03653EPSS
Exploits2References44
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2018:2719-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.15716EPSS
Exploits3References10
NVD
NVD
added 2021/04/02 6:15 p.m.18 views

CVE-2020-27935

Multiple issues were addressed with improved logic. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A sandboxed process may be able to circumvent sandbox restrictions...

6.3CVSS0.01684EPSS
Exploits0References4
NVD
NVD
added 2021/04/02 6:15 p.m.17 views

CVE-2020-27901

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions...

6.3CVSS0.00582EPSS
Exploits0References2
CVE
CVE
added 2020/12/08 8:0 p.m.67 views

CVE-2020-10009

CVE-2020-10009 is a macOS Big Sur issue described as a logic problem addressed by improved state management. The fixed version is macOS Big Sur 11.0.1, and the vulnerability could allow a sandboxed process to circumvent sandbox restrictions. The Red Hat/Apple entries corroborate the same descript...

5.5CVSS5.4AI score0.01059EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2020/10/27 8:15 p.m.17 views

Input validation

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions...

5CVSS6.5AI score0.00801EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/27 7:38 p.m.62 views

CVE-2019-8640

CVE-2019-8640 is a logic issue in macOS components that could allow a sandboxed process to bypass sandbox restrictions. The vulnerability is addressed by patches in macOS Mojave 10.14.5 and Security Update 2019-003 for High Sierra and Sierra. The available sources indicate a fix via improved inpu...

7.5CVSS6.9AI score0.00801EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/10/22 6:15 p.m.24 views

CVE-2020-9898

This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandbox restrictions...

9.8CVSS0.01326EPSS
Exploits0References2
Apple
Apple
added 2020/06/19 10:46 a.m.86 views

About the security content of watchOS 6.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

9.8CVSS0.5AI score0.04369EPSS
Exploits0Affected Software1
Apple
Apple
added 2020/03/24 12:0 a.m.74 views

About the security content of iOS 13.4 and iPadOS 13.4

About the security content of iOS 13.4 and iPadOS 13.4 This document describes the security content of iOS 13.4 and iPadOS 13.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

9.8CVSS9.3AI score0.04369EPSS
Exploits2References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.69 views

F5 Networks BIG-IP : OpenSSH vulnerability (K62201745)

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allowlocal users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the...

7.8CVSS7AI score0.01281EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2019/07/23 1:20 p.m.38 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS9.3AI score0.55874EPSS
Exploits10
NVD
NVD
added 2019/03/04 8:29 p.m.18 views

CVE-2019-6235

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions...

10CVSS8.2AI score0.02099EPSS
Exploits0References6
Cvelist
Cvelist
added 2019/03/04 8:0 p.m.25 views

CVE-2019-6235

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions...

8.3AI score0.02099EPSS
Exploits0References6
Rows per page
Query Builder