38 matches found
EUVD-2021-17672
Malware in sbrugna...
CVE-2021-30771
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...
CVE-2021-30771
The CVE-2021-30771 entry affects Appleās FontParser component (macOS Big Sur 11.4, iOS 14.6/iPadOS 14.6, watchOS 7.5, tvOS 14.6). It is caused by an out-of-bounds write when processing a maliciously crafted font file, with the impact described as arbitrary code execution. Appleās advisory indicat...
CVE-2021-30718
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4. A non-privileged user may be able to modify restricted settings...
CVE-2021-30713
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited...
CVE-2021-30702
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A person with physical access to a Mac may be able to bypass Login Window...
CVE-2021-30696
An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...
CVE-2021-30680
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4. A local user may be able to load unsigned kernel extensions...
CVE-2021-30677
This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox...
CVE-2021-30672
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges...
Code injection
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information...
Code injection
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to arbitrary code execution...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user...
CVE-2021-30682
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information...
CVE-2021-30685
The CVE-2021-30685 issue concerns Apple platforms where parsing a maliciously crafted audio file may lead to disclosure of user information. Affected: tvOS 14.6, iOS 14.6, iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Root cause: improved checks addressed the is...
CVE-2021-30682
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information...
CVE-2021-30689
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting...
CVE-2021-30713
CVE-2021-30713 affects macOS Big Sur 11.4 and concerns the TCC (Transparency, Consent, and Control) subsystem. The vulnerability is described as a permissions issue that could allow a malicious application to bypass Privacy preferences, with the fix implemented in Big Sur 11.4. Related sources co...
CVE-2021-30700
Technical details about CVE-2021-30700 are not publicly provided in the supplied documents. Monitor for updates from Apple and security advisories.
CVE-2021-30705
CVE-2021-30705 describes a memory-disclosure issue when Processing a maliciously crafted ASTC file. Apple states this was fixed by improved checks and updates across multiple platforms: tvOS 14.6, iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, watchOS 7.5, plus Security Updates Mojave 2021-004 and...