Macos Security Vulnerabilities and Issues — Macos CVE List

Lucene search

AppleMacos

38 matches found

CVE•added 2021/10/19 2:15 p.m.•1053 views

CVE-2021-30807

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been acti...

9.3CVSS8AI score0.1775EPSS

CVE•added 2021/10/28 7:15 p.m.•630 views

CVE-2021-30836

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory.

5.5CVSS5.8AI score0.00221EPSS

CVE•added 2021/10/19 2:15 p.m.•282 views

CVE-2021-30849

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.5AI score0.00321EPSS

CVE•added 2021/10/19 2:15 p.m.•198 views

CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00518EPSS

CVE•added 2021/10/28 7:15 p.m.•179 views

CVE-2021-30818

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00333EPSS

CVE•added 2021/10/28 7:15 p.m.•169 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.

6.5CVSS6AI score0.00502EPSS

CVE•added 2021/10/28 7:15 p.m.•168 views

CVE-2021-30809

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00589EPSS

CVE•added 2021/10/19 2:15 p.m.•163 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00326EPSS

CVE•added 2021/10/19 2:15 p.m.•103 views

CVE-2021-30835

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.9AI score0.00402EPSS

CVE•added 2021/10/19 2:15 p.m.•99 views

CVE-2021-30843

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/19 2:15 p.m.•94 views

CVE-2021-30847

This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00402EPSS

CVE•added 2021/10/28 7:15 p.m.•91 views

CVE-2021-30821

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS

CVE•added 2021/10/19 2:15 p.m.•90 views

CVE-2021-30832

A memory corruption issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

7.8CVSS6.9AI score0.00067EPSS

CVE•added 2021/10/28 7:15 p.m.•89 views

CVE-2021-30831

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.

5.5CVSS5.6AI score0.00244EPSS

CVE•added 2021/10/19 2:15 p.m.•88 views

CVE-2021-30841

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/28 7:15 p.m.•87 views

CVE-2021-30833

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.

5.5CVSS5.6AI score0.02138EPSS

CVE•added 2021/10/19 2:15 p.m.•87 views

CVE-2021-30842

7.8CVSS7.7AI score0.0027EPSS

CVE•added 2021/10/19 2:15 p.m.•83 views

CVE-2021-30828

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.

5.5CVSS5.3AI score0.00042EPSS

CVE•added 2021/10/28 7:15 p.m.•83 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS

CVE•added 2021/10/28 7:15 p.m.•82 views

CVE-2021-30808

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.00289EPSS

CVE•added 2021/10/28 7:15 p.m.•79 views

CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00634EPSS

CVE•added 2021/10/19 2:15 p.m.•78 views

CVE-2021-30850

An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the file system.

7.1CVSS5.5AI score0.00222EPSS

CVE•added 2021/10/28 7:15 p.m.•77 views

CVE-2021-30824

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00292EPSS

CVE•added 2021/10/19 2:15 p.m.•76 views

CVE-2021-30811

This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information.

5.5CVSS5.5AI score0.00096EPSS

CVE•added 2021/10/19 2:15 p.m.•75 views

CVE-2021-30844

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory.

7.5CVSS6.6AI score0.00764EPSS

CVE•added 2021/10/28 7:15 p.m.•73 views

CVE-2021-30813

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS.

6.5CVSS6.2AI score0.00055EPSS

CVE•added 2021/10/28 7:15 p.m.•70 views

CVE-2021-1821

A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.

7.1CVSS6.1AI score0.0022EPSS

CVE•added 2021/10/19 2:15 p.m.•69 views

CVE-2021-30827

A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

7.8CVSS6.6AI score0.00025EPSS

CVE•added 2021/10/28 7:15 p.m.•66 views

CVE-2020-10005

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service.

6.5CVSS5.7AI score0.00243EPSS

CVE•added 2021/10/19 2:15 p.m.•65 views

CVE-2021-30819

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.8AI score0.00245EPSS

CVE•added 2021/10/28 7:15 p.m.•65 views

CVE-2021-30840

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

7.8CVSS7.8AI score0.00376EPSS

CVE•added 2021/10/19 2:15 p.m.•63 views

CVE-2021-30829

A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files.

7.8CVSS7AI score0.00039EPSS

CVE•added 2021/10/19 2:15 p.m.•63 views

CVE-2021-30838

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to execute arbitrary code with system privileges on devices with an Apple Neural Engine.

9.3CVSS8AI score0.00235EPSS

CVE•added 2021/10/19 2:15 p.m.•61 views

CVE-2021-30830

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00195EPSS

CVE•added 2021/10/28 7:15 p.m.•59 views

CVE-2020-9897

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00299EPSS

CVE•added 2021/10/19 2:15 p.m.•57 views

CVE-2021-30845

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6. A local user may be able to read kernel memory.

5.5CVSS5.4AI score0.00053EPSS

CVE•added 2021/10/28 7:15 p.m.•56 views

CVE-2020-29629

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to read restricted memory.

5.5CVSS5.5AI score0.003EPSS

CVE•added 2021/10/28 7:15 p.m.•53 views

CVE-2021-30817

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access data about the accounts the user is using Family Sharing with.

5.5CVSS5.8AI score0.00171EPSS