Lucene search
K

8358 matches found

Prion
Prion
added 2021/04/02 6:15 p.m.17 views

Input validation

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A...

7.1CVSS5.3AI score0.01215EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2021/04/02 6:15 p.m.22 views

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code...

6.8CVSS7.9AI score0.0102EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2021/04/02 6:15 p.m.25 views

Memory corruption

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, watchOS 7.0,...

6.8CVSS7.9AI score0.00994EPSS
Exploits0References5Affected Software5
Prion
Prion
added 2021/04/02 6:15 p.m.21 views

Input validation

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing maliciously crafted web content may lead to code executi...

6.8CVSS7.8AI score0.00901EPSS
Exploits0References4Affected Software6
Prion
Prion
added 2021/04/02 6:15 p.m.21 views

Design/Logic Flaw

An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafte...

4.3CVSS5.6AI score0.00767EPSS
Exploits0References4Affected Software6
UbuntuCve
UbuntuCve
added 2021/04/02 6:15 p.m.30 views

CVE-2020-9926

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing maliciously crafted...

7.8CVSS7.1AI score0.01012EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/04/02 6:10 p.m.19 views

CVE-2021-1818

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or...

9AI score0.02859EPSS
Exploits0References4
CVE
CVE
added 2021/04/02 6:10 p.m.124 views

CVE-2021-1818

CVE-2021-1818 is a logic‑level issue in Apple OS components that Apple fixed across macOS Big Sur 11.2, macOS Security Update 2021‑001 for Catalina and Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4, and iPadOS 14.4. Root cause: improved state management addressing a logic flaw. Impact: remote attacker...

9.8CVSS8.2AI score0.02859EPSS
Exploits0References4Affected Software6
CVE
CVE
added 2021/04/02 6:7 p.m.1166 views

CVE-2021-1879

CVE-2021-1879 affects Apple WebKit/WebKit-based parsing in iOS/iPadOS/watchOS (WebKit component). The issue is a cross-site scripting vulnerability triggered by processing malicious web content, potentially leading to universal XSS. Root cause: improved management of object lifetimes in WebKit/CS...

6.1CVSS6AI score0.07082EPSS
In wildExploits0References4Affected Software3
Cvelist
Cvelist
added 2021/04/02 6:7 p.m.27 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

5.8AI score0.07082EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/02 6:7 p.m.31 views

CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...

9.2AI score0.02368EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2021/04/02 6:7 p.m.45 views

CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS3.2AI score0.02368EPSS
Exploits0
CVE
CVE
added 2021/04/02 6:7 p.m.354 views

CVE-2021-1844

CVE-2021-1844 is a memory corruption vulnerability in WebKit/WebKitGTK/WebKitGTK-related workflows triggered by processing malicious web content, with potential arbitrary code execution. Affected components include WebKit/WebKitGTK in Apple products (Safari 14.0.3 and iOS/iPadOS/macOS updates) an...

8.8CVSS9.1AI score0.02368EPSS
Exploits0References8Affected Software6
AlpineLinux
AlpineLinux
added 2021/04/02 6:7 p.m.57 views

CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS9.4AI score0.02368EPSS
Exploits0
CVE
CVE
added 2021/04/02 6:6 p.m.1318 views

CVE-2021-1870

CVE-2021-1870 affects WebKitGTK/WebKitGTK-based packages (e.g., Arch Linux webkitgtk4) prior to version 2.30.6. A remote attacker could craft web content to cause arbitrary code execution. Upstream fix is in 2.30.6; Arch advisories (ASA-202103-24/25) and CVE listings confirm the vulnerability and...

9.8CVSS8.6AI score0.07921EPSS
In wildExploits0References6Affected Software4
Debian CVE
Debian CVE
added 2021/04/02 6:6 p.m.53 views

CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this...

9.8CVSS3.3AI score0.07921EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/04/02 6:6 p.m.54 views

CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this...

9.8CVSS9.3AI score0.07921EPSS
Exploits0
Cvelist
Cvelist
added 2021/04/02 6:5 p.m.33 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy...

7AI score0.01515EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2021/04/02 6:5 p.m.48 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy...

6.5CVSS7.2AI score0.01515EPSS
Exploits0
CVE
CVE
added 2021/04/02 6:4 p.m.344 views

CVE-2021-1799

The CVE-2021-1799 entry describes a port redirection issue in WebKitGTK/WebKit allowing a malicious website to access restricted ports on arbitrary servers. Connected advisories confirm this impacts WebKitGTK and WPE WebKit upstream, with fixes implemented in WebKitGTK prior to 2.30.6 (and in ven...

6.5CVSS6.6AI score0.01771EPSS
Exploits0References8Affected Software6
Rows per page
Query Builder