7652 matches found
CVE-2021-1792
CVE-2021-1792 is an out-of-bounds read in Apple's CoreText/TFF parsing that could allow remote code execution. Fixed in macOS Big Sur 11.2 and Security Update 2021-001 for Catalina/Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4; root cause described as improved bounds checking. ZDI note...
CVE-2021-1778
An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafte...
CVE-2021-1768
CVE-2021-1768 is an out-of-bounds read issue resolved by Apple with improved bounds checking. Fixed in macOS Big Sur 11.2, Catalina 2021-001, Mojave 2021-001, and iOS/iPadOS 14.4. Processing a malicious USD file may cause app termination or arbitrary code execution. No exploitation details are pr...
CVE-2021-1768
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or...
CVE-2021-1763
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or...
CVE-2021-1757
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges...
CVE-2021-1757
CVE-2021-1757 is an out-of-bounds read vulnerability addressed with improved bounds checking. It affects Apple OS components and is fixed in macOS Big Sur 11.2, Catalina 11.1 security updates (Security Update 2021-001 for Catalina), Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A loca...
CVE-2021-1758
CVE-2021-1758 is described in the public records as an out-of-bounds read that was addressed with improved bounds checking. It is fixed in macOS Big Sur 11.2, macOS Security Update 2021-001 Catalina and Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. The issue could allow a remote attac...
CVE-2021-1743
CVE-2021-1743 describes an out-of-bounds read that was mitigated by improved bounds checking. The issue is fixed in Apple platforms: macOS Big Sur 11.2; macOS Security Update 2021-001 for Catalina and Mojave; watchOS 7.3; tvOS 14.4; iOS 14.4; and iPadOS 14.4. Affected action: processing a malicio...
CVE-2020-29611
CVE-2020-29611 is an out-of-bounds write in ImageIO that could lead to arbitrary code execution when processing a malicious image. Apple lists fixes across multiple products/updates: tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 / iPad...
CVE-2020-29611
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted imag...
CVE-2020-29608
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS...
CVE-2020-29612
CVE-2020-29612 is an out-of-bounds write vulnerability in macOS components that Apple addressed with improved bounds checking. The issue could allow a malicious application to execute arbitrary code with system privileges, but the available documents only confirm the vulnerability and its fix, no...
CVE-2020-27948
The CVE-2020-27948 entry concerns an out-of-bounds write vulnerability in CoreAudio that could allow arbitrary code execution when processing a malicious audio file. Affected Apple platforms and releases include watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2...
CVE-2020-27948
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to...
CVE-2020-10015
CVE-2020-10015 is an out-of-bounds write vulnerability that, if exploited, could allow an attacker to execute arbitrary code with kernel privileges on affected Apple macOS versions. The NVD entry states the issue is addressed by improved bounds checking and is fixed in macOS Big Sur 11.1, Securit...
CVE-2020-27897
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges...
CVE-2020-9955
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-9955
CVE-2020-9955 is an ImageIO out-of-bounds write vulnerability in Apple platforms. Apple reports that processing a maliciously crafted image may lead to arbitrary code execution. Concrete details across connected sources show the issue affecting ImageIO on iOS 14.0 / iPadOS 14.0, tvOS 14.0, watchO...
MGASA-2021-0167 Updated rpm packages fix security vulnerabilities
This update from 4.16.1.2 to 4.16.1.3 fixes bugs several bugs the RPM package manager, including several security issues: Fix arbitrary data copied from signature header past signature checking CVE-2021-3421 Fix signature check bypass with corrupted package CVE-2021-20271 Fix missing bounds check...