CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30693 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30693
26 May 2021 — A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de comprobación con una lógica mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2021-30679 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2021-30679
26 May 2021 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An application may be able to gain elevated privileges. Se abordó este problema al eliminar el código vulnerable. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina y Security Update 2021-004 Mojave. • https://support.apple.com/en-us/HT212529 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-30686 – Apple macOS AudioCodecs LOAS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30686
26 May 2021 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS ... • https://support.apple.com/en-us/HT212528 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30734 – Apple Safari Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30734
26 May 2021 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watch... • https://support.apple.com/en-us/HT212528 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-30673 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2021-30673
26 May 2021 — An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history. Se abordó un problema de acceso con restricciones de acceso mejorado. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina. • https://support.apple.com/en-us/HT212529 •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30689 – webkitgtk: Logic issue leading to universal cross site scripting attack
https://notcve.org/view.php?id=CVE-2021-30689
26 May 2021 — A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30700 – Apple Security Advisory 2021-05-25-1
https://notcve.org/view.php?id=CVE-2021-30700
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to disclosure of user information. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.4, tvOS versión 14.6, watchOS versión 7.5, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2021-30739 – Apple Security Advisory 2021-05-25-2
https://notcve.org/view.php?id=CVE-2021-30739
26 May 2021 — A local attacker may be able to elevate their privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A memory corruption issue was addressed with improved validation. Un atacante local puede ser capaz de elevar sus privilegios. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. • https://support.apple.com/en-us/HT212529 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30720 – webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers
https://notcve.org/view.php?id=CVE-2021-30720
26 May 2021 — A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. Se abordó un problema lógico con restricciones mejoradas. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30725 – Apple macOS ModelIO USD Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30725
26 May 2021 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, ... • https://support.apple.com/en-us/HT212528 • CWE-787: Out-of-bounds Write •