Macos Security Vulnerabilities and Issues — Page 6 of Macos CVE List

6.5CVSS6.5AI score0.00501EPSS

CVE-2021-1878

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.

5.9CVSS6AI score0.01006EPSS

CVE-2021-1884

A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service.

7.8CVSS8.4AI score0.00429EPSS

CVE-2021-30684

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution.

7.8CVSS7.9AI score0.0032EPSS

CVE-2021-30703

A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privil...

CVE•added 2021/08/24 7:15 p.m.•80 views

CVE-2021-30899

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS6.8AI score0.002EPSS

CVE•added 2021/08/24 7:15 p.m.•80 views

CVE-2021-30924

A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.

7.8CVSS6.9AI score0.0088EPSS

CVE•added 2021/08/24 7:15 p.m.•80 views

CVE-2021-30960

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.

5.5CVSS5.9AI score0.00439EPSS

CVE•added 2021/04/02 6:15 p.m.•79 views

CVE-2020-27931

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, watchOS 7.0, tvO...

7.8CVSS7.9AI score0.00433EPSS

CVE•added 2021/04/02 6:15 p.m.•79 views

CVE-2021-1737

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00364EPSS

CVE•added 2021/09/08 3:15 p.m.•79 views

CVE-2021-30676

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS6.6AI score0.00041EPSS

CVE•added 2021/09/08 3:15 p.m.•79 views

CVE-2021-30688

A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation.

8.8CVSS7.7AI score0.00108EPSS

CVE•added 2021/09/08 2:15 p.m.•79 views

CVE-2021-30722

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.

5.9CVSS5.6AI score0.00481EPSS

CVE•added 2021/09/08 2:15 p.m.•79 views

CVE-2021-30759

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8.2AI score0.01003EPSS

CVE•added 2021/09/08 2:15 p.m.•79 views

CVE-2021-30798

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.

7.8CVSS6.9AI score0.00352EPSS

CVE•added 2021/10/28 7:15 p.m.•79 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00634EPSS

CVE•added 2021/08/24 7:15 p.m.•79 views

CVE-2021-30901

Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00258EPSS

CVE•added 2021/08/24 7:15 p.m.•79 views

CVE-2021-30975

This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restriction...

8.6CVSS7.9AI score0.00264EPSS

7.8CVSS6.9AI score0.00352EPSS

CVE-2020-29614

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a mal...

7.8CVSS8AI score0.00462EPSS

CVE-2021-1742

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

5.5CVSS5.7AI score0.00173EPSS

CVE-2021-1773

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to a denial of service.

7.8CVSS8AI score0.00402EPSS

CVE-2021-1774

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-1824

This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application with root privileges may be able to access private information.

4.9CVSS5.4AI score0.0005EPSS

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-30709

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.8AI score0.00244EPSS

CVE•added 2021/09/08 3:15 p.m.•78 views

CVE-2021-30719

A local user may be able to cause unexpected system termination or read kernel memory. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. An out-of-bounds read issue was addressed by removing the vulnerable code.

7.1CVSS7AI score0.00031EPSS

CVE•added 2021/09/08 2:15 p.m.•78 views

CVE-2021-30739

A local attacker may be able to elevate their privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A memory corruption issue was addressed with improved validation.

7.8CVSS7.6AI score0.00069EPSS

CVE•added 2021/09/08 2:15 p.m.•78 views

CVE-2021-30792

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00475EPSS

CVE•added 2021/10/19 2:15 p.m.•78 views

CVE-2021-30850

An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the file system.

7.1CVSS5.5AI score0.00222EPSS

CVE•added 2021/08/24 7:15 p.m.•78 views

CVE-2021-30873

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to elevate privileges.

7.8CVSS6.7AI score0.00223EPSS

CVE•added 2021/08/24 7:15 p.m.•78 views

CVE-2021-30912

The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may gain access to a user's Keychain items.

5.5CVSS5.3AI score0.00178EPSS

CVE•added 2021/08/24 7:15 p.m.•78 views

CVE-2021-30980

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00591EPSS

7.8CVSS7AI score0.00352EPSS

CVE-2020-29617

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS7.6AI score0.00395EPSS

CVE-2020-9956

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may l...

4.5CVSS4.8AI score0.00157EPSS

CVE-2020-9978

This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able...

7.8CVSS7AI score0.0012EPSS

CVE-2021-1757

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to elevate their privileges.

7.5CVSS7.2AI score0.01185EPSS

CVE-2021-1764

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.

5.5CVSS5.6AI score0.00173EPSS

CVE-2021-1778

An out-of-bounds read issue existed in the curl. This issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted ...