Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mac Os X Security Vulnerabilities - 2021

cve
cve

CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issu...

9.8CVSS

8.6AI Score

0.012EPSS

2021-04-02 07:15 PM
1107
In Wild
9
cve
cve

CVE-2021-1873

An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text f...

6.5CVSS

6.5AI Score

0.002EPSS

2021-09-08 03:15 PM
66
cve
cve

CVE-2021-1875

A double free issue was addressed with improved memory management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted file may lead to heap corruption.

7.8CVSS

7.3AI Score

0.001EPSS

2021-09-08 03:15 PM
69
cve
cve

CVE-2021-1876

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS

8.8AI Score

0.004EPSS

2021-09-08 03:15 PM
68
cve
cve

CVE-2021-1878

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.

6.5CVSS

6.5AI Score

0.002EPSS

2021-09-08 03:15 PM
66
cve
cve

CVE-2021-1881

An out-of-bounds read was addressed with improved input validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted font file may lead to arbitrary code ...

7.8CVSS

8AI Score

0.002EPSS

2021-09-08 03:15 PM
73
cve
cve

CVE-2021-1882

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges.

9.8CVSS

8.2AI Score

0.005EPSS

2021-09-08 03:15 PM
76
cve
cve

CVE-2021-1883

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption.

5.5CVSS

5.8AI Score

0.001EPSS

2021-09-08 03:15 PM
69
cve
cve

CVE-2021-1884

A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service.

5.9CVSS

6AI Score

0.012EPSS

2021-09-08 03:15 PM
65
cve
cve

CVE-2021-22925

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEW_ENV variables, libcurlcould be made to pass on uninitialized data from a stack based b...

5.3CVSS

6.3AI Score

0.004EPSS

2021-08-05 09:15 PM
365
3
cve
cve

CVE-2021-30652

A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges.

7CVSS

7AI Score

0.001EPSS

2021-09-08 03:15 PM
77
cve
cve

CVE-2021-30655

An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic.

9.8CVSS

8.7AI Score

0.002EPSS

2021-09-08 03:15 PM
56
cve
cve

CVE-2021-30657

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited..

5.5CVSS

6.2AI Score

0.57EPSS

2021-09-08 03:15 PM
955
In Wild
3
cve
cve

CVE-2021-30669

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application may bypass Gatekeeper checks.

5.5CVSS

6AI Score

0.001EPSS

2021-09-08 03:15 PM
62
cve
cve

CVE-2021-30671

A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to send unauthorized Apple events to Finder.

3.3CVSS

4.6AI Score

0.001EPSS

2021-09-08 03:15 PM
60
cve
cve

CVE-2021-30672

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.

7.8CVSS

7.9AI Score

0.001EPSS

2021-09-08 03:15 PM
55
cve
cve

CVE-2021-30673

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history.

5.5CVSS

5.8AI Score

0.001EPSS

2021-09-08 03:15 PM
64
cve
cve

CVE-2021-30676

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS

6.6AI Score

0.0004EPSS

2021-09-08 03:15 PM
70
cve
cve

CVE-2021-30677

This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox.

8.8CVSS

7.5AI Score

0.0004EPSS

2021-09-08 03:15 PM
85
cve
cve

CVE-2021-30678

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS

8.9AI Score

0.009EPSS

2021-09-08 03:15 PM
64
cve
cve

CVE-2021-30679

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An application may be able to gain elevated privileges.

7.8CVSS

8AI Score

0.001EPSS

2021-09-08 03:15 PM
67
cve
cve

CVE-2021-30681

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be...

7.8CVSS

7.2AI Score

0.001EPSS

2021-09-08 03:15 PM
68
cve
cve

CVE-2021-30683

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application could execute arbitrary code leading to compromise of user information.

7.8CVSS

8.2AI Score

0.001EPSS

2021-09-08 03:15 PM
70
cve
cve

CVE-2021-30684

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution.

7.8CVSS

8.4AI Score

0.003EPSS

2021-09-08 03:15 PM
66
cve
cve

CVE-2021-30685

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information.

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-08 03:15 PM
82
cve
cve

CVE-2021-30686

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-08 03:15 PM
72
cve
cve

CVE-2021-30687

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user i...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-08 03:15 PM
79
cve
cve

CVE-2021-30688

A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation.

8.8CVSS

7.7AI Score

0.0004EPSS

2021-09-08 03:15 PM
67
cve
cve

CVE-2021-30690

Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache.

9.8CVSS

9.1AI Score

0.002EPSS

2021-09-08 03:15 PM
40
cve
cve

CVE-2021-30691

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-08 03:15 PM
64
cve
cve

CVE-2021-30692

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-08 03:15 PM
68
cve
cve

CVE-2021-30693

A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS

8AI Score

0.001EPSS

2021-09-08 03:15 PM
77
cve
cve

CVE-2021-30694

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS

5.5AI Score

0.001EPSS

2021-09-08 03:15 PM
72
cve
cve

CVE-2021-30695

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS

5.8AI Score

0.001EPSS

2021-09-08 03:15 PM
66
cve
cve

CVE-2021-30696

An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management.

5.9CVSS

6AI Score

0.001EPSS

2021-09-08 03:15 PM
60
cve
cve

CVE-2021-30697

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information.

5.5CVSS

5.4AI Score

0.0004EPSS

2021-09-08 03:15 PM
74
cve
cve

CVE-2021-30701

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS

7.7AI Score

0.001EPSS

2021-09-08 03:15 PM
74
cve
cve

CVE-2021-30702

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A person with physical access to a Mac may be able to bypass Login Window.

4.6CVSS

4.9AI Score

0.001EPSS

2021-09-08 03:15 PM
72
cve
cve

CVE-2021-30703

A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privil...

7.8CVSS

7.9AI Score

0.0004EPSS

2021-09-08 03:15 PM
67
cve
cve

CVE-2021-30704

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS

7.8AI Score

0.0004EPSS

2021-09-08 03:15 PM
73
cve
cve

CVE-2021-30705

This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted ASTC file may disclose memory contents.

5.5CVSS

5.8AI Score

0.001EPSS

2021-09-08 03:15 PM
81
cve
cve

CVE-2021-30708

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or ar...

7.8CVSS

8AI Score

0.001EPSS

2021-09-08 03:15 PM
68
cve
cve

CVE-2021-30709

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS

5.8AI Score

0.001EPSS

2021-09-08 03:15 PM
67
cve
cve

CVE-2021-30710

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potential...

7.1CVSS

6.9AI Score

0.001EPSS

2021-09-08 03:15 PM
81
cve
cve

CVE-2021-30712

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8CVSS

8.3AI Score

0.003EPSS

2021-09-08 03:15 PM
72
cve
cve

CVE-2021-30713

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..

7.8CVSS

6.8AI Score

0.006EPSS

2021-09-08 03:15 PM
952
In Wild
cve
cve

CVE-2021-30715

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service.

7.5CVSS

6.7AI Score

0.002EPSS

2021-09-08 03:15 PM
83
cve
cve

CVE-2021-30716

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to perform denial of service.

5.9CVSS

6AI Score

0.001EPSS

2021-09-08 03:15 PM
73
cve
cve

CVE-2021-30717

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to execute arbitrary code.

8.1CVSS

8.1AI Score

0.004EPSS

2021-09-08 03:15 PM
67
cve
cve

CVE-2021-30719

A local user may be able to cause unexpected system termination or read kernel memory. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. An out-of-bounds read issue was addressed by removing the vulnerable code.

7.1CVSS

7AI Score

0.0004EPSS

2021-09-08 03:15 PM
61
Total number of security vulnerabilities331