CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27904
https://notcve.org/view.php?id=CVE-2020-27904
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se presentó un problema lógico resultando en una corrupción de la memoria. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212147 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27900
https://notcve.org/view.php?id=CVE-2020-27900
An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to preview files it does not have access to. Se presentó un problema en el manejo de snapshots. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 •
CVSS: 6.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-10014
https://notcve.org/view.php?id=CVE-2020-10014
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox. Se abordó un problema de análisis en el manejo de rutas de directorio con una comprobación de rutas mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 0CVE-2020-10012
https://notcve.org/view.php?id=CVE-2020-10012
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack. Se abordó un problema de acceso con unas restricciones de acceso mejoradas. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9972
https://notcve.org/view.php?id=CVE-2020-9972
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de desbordamiento del búfer con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 14.0 y iPadOS versión 14.0. • https://support.apple.com/en-us/HT211850 https://support.apple.com/kb/HT212003 https://support.apple.com/kb/HT212005 https://support.apple.com/kb/HT212011 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •