CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30757
https://notcve.org/view.php?id=CVE-2021-30757
08 Sep 2021 — This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be used by a malicious app. Se abordó este problema al habilitar el tiempo de ejecución endurecido. Este problema se corrigió en iMovie versión 10.2.4. • https://support.apple.com/en-us/HT212549 •
CVSS: 7.1EPSS: 19%CPEs: 14EXPL: 2CVE-2007-0646 – Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
https://notcve.org/view.php?id=CVE-2007-0646
01 Feb 2007 — Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function. Una vulnerabilidad de cadena de formato en iMovie HD versión 6.0.3 y Safari en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a atacantes remotos asistidos por el usuario causar una denegación d... • https://www.exploit-db.com/exploits/29551 • CWE-134: Use of Externally-Controlled Format String •